Lead Auditor

Sorry, this job was removed at 12:30 p.m. (GMT) on Friday, Nov 22, 2024
Be an Early Applicant
United Kingdom
Internship
Information Technology • Social Impact
The Role

Description

Methods is a £100M+ IT Services Consultancy who has partnered with a range of central government departments and agencies to transform the way the public sector operates in the UK. Established over 30 years ago and UK-based, we apply our skills in transformation, delivery, and collaboration from across the Methods Group, to create end-to-end business and technical solutions that are people-centred, safe, and designed for the future.

Our human touch sets us apart from other consultancies, system integrators and software houses - with people, technology, and data at the heart of who we are, we believe in creating value and sustainability through everything we do for our clients, staff, communities, and the planet.

We support our clients in the success of their projects while working collaboratively to share skill sets and solve problems. At Methods we have fun while working hard; we are not afraid of making mistakes and learning from them.

Predominantly focused on the public-sector, Methods is now building a significant private sector client portfolio.

Methods was acquired by the Alten Group in early 2022.
Description:

We are seeking a highly skilled and experienced IT/IS Security Auditor with Lead Auditor experience to join our dynamic team. The ideal candidate will possess a deep understanding of information security principles, auditing methodologies and regulatory compliance requirements. They will lead and conduct comprehensive security audits to ensure the integrity, confidentiality and availability of our information assets. This role requires strong analytical skills, attention to detail and the ability to communicate effectively with various stakeholders.

Requirements
  1. Advanced Audit and Security certifications/qualifications such as CISSP, CISA, CISM, Institute of Internal Auditors (IIA) or equivalent are preferred.
  2. Proven experience in IT/IS security auditing, with a strong focus on leading audit engagements.
  3. In-depth knowledge of information security principles, best practices, and standards.
  4. Proven experience in leading and building Audit & Assurance Teams, supporting individuals to improve their capability and in turn Methods capability.
  5. Familiarity with regulations, standards and frameworks GDPR, HIPAA, PCI DSS, ISO 27001, NIST and NIS.
  6. Experience else a good understanding of the work of NCSC.
  7. Excellent analytical, problem-solving, and decision-making skills.
  8. Strong communication and interpersonal skills, with the ability to effectively communicate complex technical concepts to non-technical stakeholders.
  9. Ability to work independently and collaboratively in a fast-paced environment.
  10. High level of integrity, professionalism and attention to detail.

Responsibilities:

  1. Lead Audits: Take charge of planning, organizing, and leading IT/IS security audits from initiation to completion. This includes defining audit scope, objectives, and methodologies in accordance with industry standards and regulatory requirements.
  2. Building Capability and Leading Teams. Proven ability to build Audit and Assurance Teams to include professional training complementing relevant work experience.
  3. Audit Execution: Execute audit procedures, including but not limited to reviewing systems, conducting interviews, reviewing and analysing policies, procedures, processes and documentation.
  4. Documentation and Reporting: Document audit findings, observations, and recommendations in clear and concise reports. Communicate audit results to management and stakeholders, providing actionable insights and recommendations for improvement.
  5. Assessment: Identify potential security vulnerabilities and threats within the organization's IT systems, networks and infrastructure. Develop strategies and practical recommendations to mitigate risks and vulnerabilities.
  6. Compliance Monitoring: Review and report on an organisation’s security posture to include policies, procedures and controls in line with extant security standards and frameworks as well as regulatory requirements. Stay abreast of relevant laws, regulations, and industry standards (such as GDPR, HIPAA, ISO 27001, NIST, NIS) to ensure compliance.
  7. Continuous Improvement: Collaborate with client IT and security teams to implement corrective actions and remediation plans based on audit findings. Continuously monitor and evaluate the effectiveness of security controls and processes.
  8. Training and Awareness: Provide guidance and training to staff on security best practices, policies, and procedures. Promote a culture of security awareness and compliance throughout the organization.

Additional desirable knowledge/experience:


  1. Auditing emerging technologies such as IoT/OT, blockchain, AI/ML.
  2. Auditing cloud environments (e.g., AWS, Azure, GCP).
  3. COBIT, ITIL, CIS, CAF.
  4. Public and Private Sector to include defence, healthcare, automotive, finance and insurance.
  5. GovAssure


This role will require you to have or be willing to go through Security Clearance. As part of the onboarding process candidates will be asked to complete a Baseline Personnel Security Standard; details of the evidence required to apply may be found on the government website Gov.UK. If you are unable to meet this and any associated criteria, then your employment may be delayed, or rejected . Details of this will be discussed with you at interview. 

Benefits

Methods is passionate about its people; we want our colleagues to develop the things they are good at and enjoy.

By joining us you can expect

  • Autonomy to develop and grow your skills and experience
  • Be part of exciting project work that is making a difference in society
  • Strong, inspiring and thought-provoking leadership
  • A supportive and collaborative environment

Development – access to LinkedIn Learning, a management development programme, and training

Wellness – 24/7 confidential employee assistance programme

Flexible Working – including home working and part time

Social – office parties, breakfast Tuesdays, monthly pizza Thursdays, Thirsty Thursdays, and commitment to charitable causes

Time Off – 25 days of annual leave a year, plus bank holidays, with the option to buy 5 extra days each year

Volunteering – 2 paid days per year to volunteer in our local communities or within a charity organisation

Pension – Salary Exchange Scheme with 4% employer contribution and 5% employee contribution

Discretionary Company Bonus – based on company and individual performance

Life Assurance – of 4 times base salary

Private Medical Insurance – which is non-contributory (spouse and dependants included)

Worldwide Travel Insurance – which is non-contributory (spouse and dependants included)

Enhanced Maternity and Paternity Pay

Travel – season ticket loan, cycle to work scheme

For a full list of benefits please visit our website ()

The Company
Edinburgh
552 Employees
On-site Workplace
Year Founded: 1992

What We Do

Methods is the leading digital transformation partner for the UK public sector. We care deeply about making our public services better and have been doing this for 28 years.

Methods partners with a range of central government departments and agencies to transform the way public sector operates in the UK. Our mission is to help safeguard public-facing services and apply digital thinking to make sure the future of our public services is centred around citizens.

Committed to having social impact, we enjoy an enviable track record of delivering real savings and benefits. We do this by helping you move from vertically integrated legacy infrastructure to a platform business model – allowing you to keep infrastructure costs low and focus on doing what you do best i.e. delivering front-end services.

With Methods, you access a range of specialist skills and industry expertise to transform your organisation for the digital age, break free of expensive suppliers, and take control of your customer relationships and operating model.

Further information on Methods Group can be found at www.methods.co.uk.

Similar Jobs

Dropbox Logo Dropbox

Senior Internal Auditor

Artificial Intelligence • Cloud • Consumer Web • Productivity • Software • App development • Data Privacy
Remote
2 Locations
2500 Employees
London, Greater London, England, GBR
3725 Employees

Marmon Holdings Logo Marmon Holdings

Auditor 2

Industrial • Manufacturing
4 Locations
485 Employees

NBCUniversal Logo NBCUniversal

Business Administrator

AdTech • Cloud • Digital Media • Information Technology • News + Entertainment • App development
Hybrid
Belfast, County Antrim, Northern Ireland, GBR
68000 Employees

Similar Companies Hiring

Trustpilot Thumbnail
Software • Sales • Information Technology • Consumer Web
Copenhagen, DK
950 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account