Grant Thornton is seeking a Technology Risk Internal Audit Cloud Associate Director to lead and oversee their team's Cloud assurance service line. The role involves providing subject matter expertise, developing new Cloud-related offerings, and supporting business development activities. The ideal candidate will have a professional qualification and post-qualification experience, as well as expertise in scoping and delivering technology internal audits and Technology Risk engagements, particularly in Cloud platforms and solutions.
Requirements
- Professional qualification (CISA, CCAK, CCSK, CCSP etc.)
- Post-qualification experience
- Experience of scoping and delivering technology internal audits and Technology Risk engagements
- Experience of managing internal audits of large companies
- Experience of dealing with complex technical matters related to Cloud platforms and solutions
- Strong experience of Cloud governance, technical configuration, and cloud-specific topics
- Experience of auditing public and/or private Cloud platforms
- Knowledge and familiarity with the Cloud Security Alliance Cloud Controls Matrix and cloud vendor Well Architected frameworks
- Experience of delivering technology audits over DevSecOps / CICD pipelines
- Extensive experience of using audit software and Microsoft packages
- Experience of building extensive and active networks across geographical regions and client organisations
Benefits
- Flexible working options
- Opportunity to work on a broad range of areas, including cyber and network security, IT resilience, IT transformations, IT strategies, data protection, supplier management, and other
- Opportunity to contribute to the development of new technology audit / technology risk service lines and initiatives within BRS
- Opportunity to work with a large portfolio of internal audit and Technology Risk clients
- Opportunity to present reports and findings at Audit Committees and other senior management committees
- Opportunity to work on a broad range of areas, including cyber and network security, IT resilience, IT transformations, IT strategies, data protection, supplier management, and other
