Job title: Technology Audit Manager
Reports to: Chief Auditor
‘Rothesay’ is a UK insurance company purpose built to protect pensions. We are the largest specialist pension insurer in the UK, managing over £50bn of assets and securing pensions for over 800,000 people. We secure pensions for over 170 pension schemes and insurers including British Airways, Post Office, ASDA, National Grid and Aegon.
At Rothesay, we are striving to transform our industry. We believe deeply in creating real security for the future and our leadership in finding new and better ways to do that is the key to our success. To do that, we need the very brightest original thinkers to bring creativity as well as rigour. Rothesay is a rewarding place to work, where quality people can thrive and prosper. We pride ourselves on the connections our people build, many of whom have been with us for over ten years.
The Technology Audit Manager is a critical senior role in the Internal Audit function and is responsible for assisting the Chief Auditor in delivery of a risk based audit plan to the Audit Committee. You will be part of a growing, highly collegiate team and will be responsible for delivering end-to-end risk based audits
The Technology Audit Manager will take a key role in the identification of existing and emerging risks and challenging, and supporting, the delivery of the Rothesay business plan.
This is a fast paced role which requires constant reevaluation of approach and priorities to ensure that the audit function and its operation remain relevant to the business
Leadership of the Internal Audit function
- Be a visible, approachable trusted business partner, a champion of transparency, rigor and fairness; a role model for our way of working. Demonstrate to the business what it means to be commercial and proportionate.
- Work closely with the Chief Auditor and the operational audit team to shape and implement the strategic direction and goals for internal audit within Rothesay Lif.
- Lead by example to build and sustain a high performance culture, setting goals, inspiring people to perform and driving measurable change.
- Train, develop and coach the audit team to deliver against best in class audit execution.
- Actively engage across the industry to gather external insights and areas to support a culture of continuous improvement.
- Integrate Internal Audit as a critical element of the Rothesay strategy.
Internal Audit responsibilities
- By application of a risk based approach support the development of an annual audit plan with a focus on technology risk.
- Lead the delivery of the Technology audit plan including acting as the in-charge for a number of audits.
- Align with and support the delivery of operational audits through insights into relevant technology risks and controls
- Engage and effectively oversight the use of external SME resources
- Lead by example delivering a “no surprises” audit approach.
- Deliver a, fit for publishing, Audit report following the conclusion of each audit.
Stakeholder management and reporting
- Provide independent, reliable and objective assurance to the Company on risk management, control and corporate governance issues.
- Report significant existing and emerging risk exposures and control.
- Support the Chief Auditor in providing summary reporting to management, the executive and Committees
- Build and strengthen relationships at an operational level, providing guidance, challenge and corrective action, without preventing growth or commercial performance.
- Maintain strong stakeholder relationships, being prepared to deliver tough messages, whilst maintaining long term relationships.
- You will need to demonstrate significant experience across key technology domains which may include application controls, operating systems control, Information and cyber security. Technology frameworks experience such as CoBIT and ITIL also desirable
- Experience of auditing multi- year technology programmes
- Professional Computer/Security systems audit qualifications – CISSP, CISA or CISM
- Financial services audit experience
- Minimum 10 years' experience in an Audit Manager / or equivalent role within UK/US regulated financial services.
- Experience at senior stakeholder engagement – a proven track record for developing positive working relationships and influencing stakeholders at all levels, including at the most senior level.
- Excellent written communication and time management skills
- Technical Skills - Demonstrates strong technical skills required for the role, pays attention to detail, takes initiative to broaden his/her knowledge and demonstrates appropriate analytical skills
- Drive and Motivation – Be a self-starter; successfully handles multiple tasks, takes initiative to improve his/her own performance, works intensely towards extremely challenging goals and persists in the face of obstacles or setbacks
- Teamwork – Demonstrate evidence of being a strong team player, collaborates with others within and across teams, encourages other team members to participate and contribute and acknowledges others' contributions
- Communication Skills - Communicates what is relevant and important in a clear and concise manner and shares information/new ideas with others
- Judgement and Problem solving - Thinks ahead, anticipates questions, plans for contingencies, finds alternative solutions and identifies clear objectives. Sees the big picture and effectively analyses complex issues
- Creativity/Innovation - Looks for new ways to improve current processes and develop creative solutions that are grounded in reality and have practical value
- Influencing Outcomes - Presents sound, persuasive rationale for ideas or opinions. Takes a position on issues and influences others' opinions and presents persuasive recommendations
Disclaimer This position description is intended to describe the duties most frequently performed by an individual in this position. It is not intended to be a complete list of assigned duties, but to describe a position level. The role shall be performed within a professional office environment. Rothesay has health and safety polices that are available for all workers upon request. There are no specific health risks associated with the role.