Technology Audit and Assurance Manager

An opportunity has arisen with in fast growing fintech business that works with global pharmaceutical and bio medical organisation for someone to join their Governance, Risk and Compliance team in a broad assurance/Audit role to help them build and design their own internal programme. This is a very hands-on role with the potential to build a global team long term.

High level Core duties:

• Managing Internal, External and Client Audits
• Management and implementation of multiple existing and new compliance Frameworks including but not limited to SOC2, FISMA/NIST, ISO 27001 and 27701
• GRC tool management (implementation and operation for multiple compliance frameworks)

Detailed Job Description:

• The Technology Audit and Assurance Manager is a key role at an all-digital Biotech company with a modern tech stack and shared infrastructure,
• This role will partner across the business to bring subject matter expertise, business acumen, and insights to the assessment of these areas,
• You will assist in the implementation of new Information Security and Data Protection Frameworks to obtain industry certifications and maintain existing certifications.
• You will also establish internal practices for strong technology and information security reviews. We're looking for a team player who is curious, a builder, and can collaborate effectively,
• Oversee, plan, design, and perform all aspects of technology audit coverage and related practices,
• Plan, lead and execute technology and information security audits in a modern technology stack,
• Provide credible challenge and professional skepticism to assess potential gaps or weaknesses in the internal control infrastructure to ensure risks that pose the most risk to the company are identified timely and addressed,
• Establish and maintain effective business relationships,
• Employ data-driven approaches
• Monitor the audit schedule and track it for the timely completion of audit activities,
• Monitor the progress of management's committed action plans and validate the closure of remediated audit issues and regulatory findings,
• Report to internal partners and executive management as required

Experience and Qualifications:

• 5-7 years of IT audit experience
• Command of regulatory guidance for technology, cyber, and infosec Influencer of outcomes and pragmatic tackler of new things with a good balance between technical, commercial and operational requirements
• Effective communicator who can adjust to the audience,
• Proven history of accuracy and attention to detail with minimal oversight and errors,
• Professional designations such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Internal Auditor (CIA) certification or equivalent are desired but not necessary.

This will be hybrid role but there will need to be flexible around what days you are in their central london office.

For a confidential chat about this or other roles he is handling please contact Matt Pollard in the Jameson Legal London office.

Jameson Legal acts as an employment business for temporary recruitment and as an employment agency for fixed term contract and permanent recruitment.

Please note: Where a level of experience, such as 'PQE', is indicated, please note that this is a guideline only and represents the amount of time we would usually expect a candidate to accumulate the requisite level of experience. This does not preclude applications from candidates with more or less experience

To view a list of other current job opportunities, please visit