Job ID: R1034101

Job type: Permanent

Time type: Full time

Categories: Large & Complex Advisory

More than you expected

The UK member firms of Grant Thornton are part of global network of independent audit, tax and advisory firms, made up of some 76,000 in over 150 countries. We're a team of independent thinkers who put quality, inclusion and integrity first. All around the world we bring a different experience to our clients. A better experience. One that delivers the expertise they need in a way that goes beyond. Personal, proactive, and agile. That's Grant Thornton.

Job Description:

Every day our teams help people in businesses and communities to do what is right and achieve their goals.

Our Business Risk Services (BRS) practice focuses on helping organisation manage risk, improve operational processes and realise strategic objectives. Our team brings together a range of skills and experience across sector specialisms. Our BRS team, support our clients’ internal audit and Technology Risk (second line) functions, through the provision of tailored, flexible and cost-effective solutions, that provide access to industry best practice methodology, value add insights and subject matter experts. Our BRS team focuses on clients in the FTSE 100 and international large and complex corporates, and one of the key focus and risk areas for these organisations is Cloud.

This role is to lead and oversee our team’s Cloud assurance service line, providing our clients with subject matter expertise and insight on how the risks associated with their use of Cloud are being managed, develop new Cloud related offerings, and supporting our broader growth agenda.

We’re happy to talk flexible working and consider reduced hours and job shares, we’ll support you to balance your work and life.

A look into the role

As a Technology Audit Associate Director within our Business Risk Services (BRS) team you will:

• Take ownership and lead on allocated assignments and client accounts in a way that exceeds client expectations while taking responsibility for managing and developing staff.
• Be responsible for overseeing the delivery of a number of technology internal audit / technology risk engagements and manage portfolio of technology audit / technology risk engagement and relationships with clients, delegating work to the managers as and where required.
• Support and lead business development activities, winning new clients and upselling services to existing clients
• Lead on planning conversations with clients, and in the preparation of draft terms of reference/audit planning documents.
• Providing subject matter expert input into technology audit / technology risk engagements and overseeing fieldwork performed by more junior team members, ensuring all work is performed in accordance with Grant Thornton methodologies, that testing sufficient and appropriate testing has been performed, and evidence to support key decisions has been obtained.
• Oversee, and review the work of, junior members of the team, supporting development and ensuring quality in the work performed.
• Hold close-out meetings with clients to ensure that they have a full understanding of issues identified and these are agreed, and write reports summarising the key observations from the work performed.
• Presenting reports and findings at Audit Committees and other senior management committees
• Support in the development of new technology audit / technology risk service lines and initiatives within BRS, with a focus (but not exclusively) on Cloud assurance
• Assist with the financial management of client relationships, including monitoring WIP, raising invoices, ensuring an adequate margin is achieved on engagements, and preparing budgets
• Leading on the developing annual audit plans.

Knowing you’re right for us

Joining us as a Business Risk Services Associate Director, the minimum criteria you’ll need is a professional qualification (CISA, CCAK, CCSK, CCSP etc.) with post qualification experience, and to be confident managing a large portfolio of internal audit and Technology Risk clients. It would be great if you had some of the following skills, but don’t worry if you don’t tick every box, we’ll help you develop along the way.

• Experience of scoping and delivering technology internal audits and Technology Risk engagements (ie first / second line assurance activities), and developing reports and presenting conclusions to relevant senior stakeholders,
• Experience of managing internal audits of large companies in addition to dealing with complex technical matters, in particular areas related to the configuration, resilience, and security of Cloud platforms and solutions (inc IaaS, PaaS, and SaaS).
• Strong experience of a range of cloud governance, technical configuration, and cloud specific topics such as security, data protection/privacy, availability, resilience, disaster recovery, performance, cost management, third-party management, and change management.
• Experience of auditing public (such as AWS, Azure and Google Cloud) and/or private (such as VMWare) cloud platforms.
• Knowledge and familiarity with the Cloud Security Alliance Cloud Controls Matrix, cloud vendor Well Architected frameworks and Agile methodologies.
• Ideally a good track record of performing IT audits over DevSecOps / CICD pipelines, including release management, source code management, testing, security, use of tools and automation Experience of delivering a technology audit / technology risk covering a broad range of areas, including cyber and network security, IT resilience, IT transformations, IT strategies, data protection, supplier management, and other.
• Extensive experience of using audit software and Microsoft packages.
• Experience of building extensive and active networks which across geographical regions and client organisations.
• You’ll be proactive rather than reactive in your approach and personal goals are congruent with those of the firm.

Knowing we’re right for you

Embracing uniqueness, the culture at Grant Thornton thrives on the contributions of all our people, we never settle for what is easy, we look beyond to deliver the right thing, for everyone. Building an inclusive culture, where we value difference and respect our colleagues helps our people to perform at the best of their ability and realise their potential.

Our open and accessible culture means you’ll interact with leaders who are interested in you and everything you bring to our firm. The things that set you apart, we value them. That’s why we give you th