IT Controls Specialist

Audit & Risk Recruitment

Our client can not provide sponsorship at this time

Hybrid role

Audit & Risk Recruitment are working exclusively with an integral market leading National Infrastructure powerhouse to help them hire an IT Risk and Controls specialist. This is an exciting opportunity to help migrate, rebuild and improve their entire new IT Controls Framework, working in a forward thinking and brand new team.

Our client is currently undertaking a full IT Controls transformation. The role will give you the opportunity to have an integral role, working closely controls automation and data manipulation along with IT General controls, IT application controls and the building of a new SAP system to make your mark on the industry leading company, protecting the UK's National infrastructure. Your guidance in a leading role will be essential in defining advanced IT Risk and Controls, working closely with high-level stakeholders work with the team in the implementation and efficient strategy.

You will also have the opportunity for growth and development in the company, with a commitment to long-term building and maintenance of the IT controls framework, in a team with a keen focus on robotics and AI automation projects to allow for continuous personal improvement and progression.

You will be entrusted with improving and designing the perception of IT Risk and Controls within the new firm, having the skills to communicate and implement your vision with the project, making a long-lasting impact on the firm and the millions of customers and businesses they support.

Key responsibilities:

• Support the development and maintenance of an effective internal controls framework (ICFR) as well as maintenance of control operating procedures, processes, and policies.
• Support the IT Risk and Controls Manager with implementing and embedding risk and controls transformation within the CFO Function
• Support the delivery of the annual controls testing cycle, validating control gaps, reviewing evidence and facilitating any remediation required together with the 1st line business and the IT team (ITACs/ITGCs)
• Provide technical support in the assessment, design, and implementation of ITGC/ITAC requirements
• Perform roles and access related risk assessments, addressing any violations through remediation or mitigation of the risk.
• Work with IT system owners to develop plans to uplift existing controls or implement new controls whilst exploring opportunities to maximise technology.
• Execute pre-implementation reviews of new financial systems to ensure compliance with our ITGC/ITAC controls framework. Develop, implement, and test controls for new acquisitions and in-scope controls
• Provide advisory services to change programmes within the finance and IT functions to ensure that controls are appropriately considered in the design and implementation of these programmes.
• Continuously evaluate the effectiveness of the internal controls framework and opportunities for improvement, including the development and implementation of process improvements and automation.
• Manage relationships with external auditors and other stakeholders, including developing and maintaining effective communication channels and providing timely and accurate information to senior leadership.

Technical requirements:

• Strong knowledge of ITGC control frameworks, IT Application Controls and Automated Controls as well as IT dependencies (Interfaces, IPEs etc) together with the impact on financial reporting.
• Thorough understanding of ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations.
• Advanced risk, controls, and information technology operations knowledge, as well as command of SAP, GAAP, SOX, COSO and/or COBIT control framework (preferred)
• Knowledge of IT auditing practices within finance IT applications and the underlying infrastructure (ITACs, Platform reviews, data migration, interfaces etc.)
• Experience in identifying control gaps and communicating audit findings and control redesign recommendations (preferred)
• Proven track record of successful and on-time delivery of IT controls projects

Essential Functional / Technical Skills:

• Strong technical risk management, governance and/or audit skills, understanding of risk assessment techniques and 1st, 2nd, and 3rd lines of defence frameworks.
• Robust understanding of IT General controls/ IT Application controls and impact on financial reporting
• Experience in leveraging technology (e.g. RPA, CCMs (continuous controls monitoring) to improve overall control environment will be highly desirable
• Cybersecurity/IT Audit: SAP/CEH/CISM/CISA/DISA/CISSP/ISO 27001 experience is preferable but not essential
• Project Management: CAPM/PMP/PRINCE2/Agile is considered a benefit
• Experience in energy industry is considered a benefit

Personal Attributes / Competencies:

• Excellent communication and personal skills as well the ability to work well with stakeholders at all levels.
• Resilient, self-motivated and good at managing own time in order to meet agreed deadlines.
• Strong quantitative, analytical, and reporting skills.
• Pragmatic attitude and can adapt quickly to a changing environment

You should be a candidate that has professional experience of working with IT general controls and IT application controls. A mix of experience in Industry and Practice will be valued. You'll need to available to work in the UK without sponsorship and be able to commute one to two days a week to Warwick.

Audit & Risk Recruitment