Senior IT Audit Manager (Scale E)

08 Jan 2021
08 Jan 2021
Clearance Level
DV, None / Undisclosed, SC
Job Type
The Bank of England is the UK's central bank. Our mission is to deliver monetary and financial stability for the British people.

The Bank of England is a diverse organisation. Each of its 4,000 plus people are committed to public service and dedicated to promoting the good of the people of the United Kingdom by maintaining monetary and financial stability.
Risk management in its broadest sense is at the core of the Bank's mission and is central to everything we do. As well as the diverse policy risks managed by the Bank's three policymaking committees, the Bank is also exposed to a wide array of financial and non-financial risks.

The Risk Directorate was created following the 2018 internal Risk Governance Review and houses the second line of defence risk and compliance functions charged with providing effective oversight of the Bank's financial and non-financial risks and ensuring compliance with its policies. The Directorate brought together various second line functions - Bankwide Risk, Financial Risk & Resilience, and the Bank's central Compliance Division, including Privacy. The Risk Directorate also includes Business Continuity Management.
Internal Audit forms the third line of Defence for the bank and is part of the Risk Directorate for administration purposes but operates independently
Department Overview
Internal Audit forms the third line of Defence for the bank and is part of the Risk Directorate for administration purposes but operates independently

Job description
The Bank of England's Internal Audit function is currently looking for an IT Audit Manager, in its Technology Audit Team. Reporting to the Head of Technology Audit, the role offers a unique insight into a wide range of high profile activities across the Bank. Managing a team of three experienced IT Auditors, t he holder of this role will have the opportunity to manage audits across a diverse range of functions and interact with senior Bank management. There is a specific requirement for the role holder to have a good understanding of Cyber Security and newer ways of managing Technology (such as DevOps and Cloud Technologies).
There are also opportunities for secondment and for career development through transfers within the Bank following an agreed period in the role.
The role holder will be managing all aspects of IT auditing in the Bank covering application controls, general IT controls and infrastructure (networks, databases, operating systems) environments. There will be a specific requirement for the role holder to have a good understanding of Cyber Security risks and controls, and how Technology operates in an agile environment (using Dev Ops, automation and Cloud Technologies).
Key responsibilities of the role are:
  • Scoping and managing a portfolio of audits ensuring key risks and issues are identified, the root causes understood and well targeted recommendations are agreed with business and technology functions.
  • Performing technically detailed audits of specific IT security risks and controls, as well as providing specialist skills/knowledge as required to colleagues performing other audits.
  • Ensuring that audits are completed within time and budgetary targets and that all required documentation is completed and meets our quality standards.
  • Preparing and reviewing all key audit outputs ensuring that they clearly articulate relevant information (e.g. scope, risks, issues and recommendations) and are well structured.
  • Representing Internal Audit at project boards and other forums, making insightful and influential contributions to discussion of key risks, issues and controls.
  • Contributing to the development of departmental practices and delivery and engage positively in Bank wide initiatives.
  • Maintaining awareness of emerging IT security risks (e.g. through continuous auditing, training, or conference attendance) and sharing knowledge of this with the wider audit function.
This role includes people management. You will be responsible for day to day management of three team members and for defining roles and responsibilities. You will develop team members through sharing information effectively, coaching and communicating a clear vision to ensure that staff are productive, engaged and motivated to deliver the department's aims. This will include setting clear goals and smart stretching objectives that are aligned to those of the team and division. You will also be responsible for managing all staff-related matters that may arise including performance, absence and sickness.

Number of direct reports: Three

Role Requirements

Minimum Essential Criteria
The successful candidate will have an excellent track record in their career to date including relevant experience of IT risks and controls, Internal or External audit.

Desirable Criteria
It is desired that the successful candidate has a relevant professional qualification such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM).

We continue to build an inclusive culture where everyone can be their whole selves and produce their best work. Our focus on inclusion is intended to build greater diversity in order to reflect the society we serve and be an employer of choice.

We anonymise applications so hiring managers will not be able to see your personal information, your original CV or covering letters when reviewing your submission. Please complete work history and the application form questions as requested because incomplete submissions will not be reviewed.

The closing date for applications is 28th January 2021

Please apply online, ensuring that you answer the application questions, complete the work history and submit your CV.

The contractual job title for this position is IT Audit Manager.

Similar jobs

Similar jobs