Job Title: Senior Audit Manager – Cyber Security and Operational Resilience

Salary: £90,440 - £131,540 (dependent on location)

Location(s): Edinburgh, Bristol, London

Hours: Full-time

Working Pattern: Hybrid, with at least two days per week spent in the office

About this opportunity

An exciting opportunity to join the Group Audit and Conduct Investigations (GA&CI) function and the Technology Risk audit team as a Senior Audit Manager (Portfolio Lead) in Cyber Security and Operational Resilience. This role provides the opportunity to shape and lead audits, harnessing a deep understanding of operational resilience, cyber security, and technology risks to provide high-quality independent assurance on the effectiveness of controls.

Responsibilities:

• Audit Planning: planning for a portfolio of audits, requesting/selecting resources, and liaising with stakeholders to discuss and propose scope and timelines.
• Audit Execution: managing delivery of a portfolio of audits, delivering audits on time and within budget, ensuring quality of audit file and coverage of agreed scope, ensuring compliance with audit methodology, and providing progress updates to the Head of Audit and Audit Directors.
• Audit report preparation and agreement with stakeholders.
• Oversee the follow-up and subsequent remediation of audit issues identified.
• Coaching and supporting colleagues.
• Providing SME insights and support.
• Driving personal growth and continuous improvement.

Requirements:

• Industry best-practices: Strong understanding and experience of both UK Operational Resilience regulations and business continuity best practices. Strong technical knowledge of Cyber Security best practices, risks, frameworks, and standards.
• Audit and/or risk and controls experience: Practical experience of assessing operational resilience, cyber, and technology risks and key controls, documenting appropriate test plans to deliver on audit objectives.
• Stakeholder management: The ability, skill, and experience to effectively manage senior stakeholder relationships, building credibility and trust.
• Project management: Strong project management skills and a focus on delivery of the audit plan are critical.
• Team leadership: Leadership and collaboration skills are key to achieving the Group and function’s objectives.

Nice to Have:

• Technically proficient, with hands-on technology experience (e.g., security testing, ethical hacking).
• Solid understanding of technology infrastructure, networks, cloud technologies, and related architecture and security frameworks.
• Knowledge of software development and software engineering methods, practices, and tools across the software development lifecycle.
• Experience and ability to develop innovative tools to support audit testing and continuous auditing.

We Offer:

• A generous pension contribution of up to 15%
• An annual performance-related bonus
• Share schemes including free shares
• Benefits you can adapt to your lifestyle, such as discounted shopping
• 30 days’ holiday, with bank holidays on top
• A range of wellbeing initiatives and generous parental leave policies

Diversity and Inclusion:

We are committed to building a workforce that reflects the diversity of the customers and communities we serve. We are disability confident and welcome applications from under-represented groups.