The Secure Trust Bank (STB) Group depends on the effective and secure use of technology in all its operations and routes to its markets. The Group has recently refreshed its IT strategy and operates several IT support models, including third party managed services, internally developed applications and services, and third party hosted internally managed services. The provision of assurance over associated key IT and cyber risks is a core element of the internal audit plan.
What you will do
You will lead and perform IT and cyber risk internal audit activity to understand and report to the Board and Executive Management the extent to which significant IT and cyber risks are governed, managed, and controlled. You will have responsibility for defining the IT and cyber risk internal audit activity within the overall internal audit plan along with performing IT and Cyber internal audits. You will have responsibility for validating the completion of IT and cyber internal audit action.
Part of the role will see you also focus on managing arrangements with Subject Matter Experts from third party internal audit co-source providers in respect of IT and cyber internal audits.
What you will bring
* A strong IT and cyber audit professional with demonstrable experience of successfully delivering end to end IT and cyber internal audits autonomously and as part of a team.
* Expertise in assessing cyber security risks both in relation to software, application and platform development, and NIST/ CBEST risk assessment (identify and access management, network security, vulnerability management, data loss prevention, security event monitoring).
* Experience in testing key IT and cyber controls in SaaS, PaaS, and IaaS environments and across different applications, operating systems, and databases.
* Confident and articulate in collaborating with senior colleagues (e.g., COO, BU Managing Directors, CISO, PMO leads, IT functional leads).
#J-18808-Ljbffr