IT Security Controls Auditor
IT Security Controls Auditor
Utilities
Predominantly remote: 1-3 days per month in Warwick
6 months
£600 per day
In short: IT Security Controls Auditor required to join a large utilities client in assessing the design of controls, testing them, and documenting whether they are effective or ineffective across IT and Cyber.
In full:
We require someone to assist with the rollout and implementation of the IT Controls framework. Working within the Security Governance, Risk and Compliance (GRC) and reporting to the Policy and Assurance Manager, you will work on identifying control owners for IT security controls within the framework and collaborate with them to assess the design and control effectiveness of the controls within their ownership. Additionally, where control issues or gaps are identified, you will support control owners in developing adequate remediation plans.
Reporting to the Security GRC Policy and Assurance Manager and working within a small team performing controls testing, you will document control walkthroughs, collect evidence supporting the control assessment, and provide control conclusions. The scope of the work will encompass IT security controls in both an Enterprise IT and Operational Technology (OT) setting.
Essential Experience:
- Multiple end-to-end project experience in auditing/testing IT security controls, including documenting walkthroughs and control assessments to high standards.
- Previous experience from working in a 1.5, 2nd, or 3rd line or external audit role.
- Professional qualification related to IT audit such as CISA or ISO27001 auditor.
- Familiarity with IT control frameworks, such as NIST CSF, ISO27001, and CAF.
- Excellent communication skills, both verbal and written.
- Strong stakeholder management skills with the ability to engage at all levels in a business.
- Ability to work on your own initiative with minimal supervision, organizing and prioritizing a demanding workload and managing stakeholders accordingly.
Qualifications:
- Professional internal/external audit qualification such as IIA, CISA, or ISO27001 auditor.
Candidates will ideally show evidence of the above in their CV to be considered.
Please be advised that if you haven't heard from us within 48 hours, then unfortunately your application has not been successful on this occasion. We may, however, keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
