IT & Cyber Controls Testing Lead - Flexible Working Available
Lloyds Banking Group
At Lloyds Banking Group, we're driven by a clear purpose - to Help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. And as the UK's largest retail and commercial bank, we have a footprint that touches nearly every community and household in the UK.
Our brands, our services and our business span every aspect of banking and finance, including some of the biggest names on the UK's high streets. That gives us a big responsibility to support the UK economy, and we have a clear strategy to put customers first - and achieve our vision of becoming the best bank for customers.
COO Business Risk
We love to do things differently in COO Business Risk. We encourage our employees to challenge the status quo and to come up with new and innovative ideas.
Our vision is to be the Leading 1st Line Risk Function in Financial Services in the UK. We work collaboratively with the business areas we support (Group Transformation, Group CIO, Group Sourcing & Chief Security Office) to identify, report and mitigate risks - our key priority is to transform the bank in a safe and compliant way.
We're committed to achieving this vision through a clear focus on the provision of expert risk advice & guidance, through creating and delivering an optimised control environment, through investing in developing our people and through the adoption of technology solutions to improve our effectiveness.
Sound like your kind of place?
We're looking for an IT & Cyber Controls Testing lead to join our Business Risk and Governance leadership team, who will be responsible for ensuring that Lloyds Banking Group has efficient and effective IT controls testing throughout its' IT risk frameworks.
You could help make it possible...
You'd be leading IT & Cyber Controls, Cyber Control, IT SOX Control, Cryptography and Code of Conduct Testing teams and will be a key contributor in both strategic and operational decision-making.
What would you be getting involved with?
You'll report to the Business Risk and Governance Director and will:
- Lead IT SOX, IT & Cyber Controls, Cyber Control, Code of Conduct and Cryptography testing teams
- Responsible for planning, execution, monitoring and reporting of associated control testing/assurance activities within the agreed scope
- Provide expert knowledge and guidance on controls and assessing IT/Cyber Controls and associated risk in an accurate, complete and transparent way
- Through analysis of MI and controls data, provide inputs into the IT Divisional Risk Committee and other department risk forums taking ownership of subsequent actions
- Collaborate with senior managers across the three Lines of Defence (e.g. Group Risk, Internal Audit) to identify, share and implement standard methodologies across the organisation
- You'll bring passion for our values of putting customers first, keeping it simple, and making a difference together
- You'll love to solve problems and challenge the status quo with innovative ideas
- You're a highly motivated self-starter
- You'll have the ability to build strong collaborative relationships
Whilst ideally you'll be based in London, we do have an agile approach to working and could accommodate you being based at one of our other hubs, in Edinburgh, Manchester and Halifax.
And the skills/background you'd possess?
- Extensive relevant experience in the IT organisation of a financial institution or audit/consulting firm
- Advanced knowledge of IT/cyber controls and testing practices within IT and business processes
- Strong leadership abilities, being comfortable with challenging the status quo and managing ambiguity
- You can demonstrate extensive experience in designing controls and testing methodologies (e.g. CAAT, sampling)
- You're a subject matter expert in auditing or testing of at least one of control frameworks such as Cyber Security, IT SOX Controls, IT General Controls frameworks
A Strong understanding of various Information Technology Assurance Frameworks (COBIT, ISO27001, ITIL, NIST etc.), regulatory requirements (GDP, BASEL, SOX, FCA, etc.), and current and emerging technology trends would be very useful. Similarly being qualified in one or more of the following CISA/CISSP/ITIL/CRISC or equivalent would be beneficial.
What do you get in return?
In addition to the salary quoted the position also offers:
- Discretionary Performance Share Award
- Generous pension contribution
- A flex benefits cash pot you can adjust to suit your lifestyle (4% on top of your basic salary)
- Private health cover
- Access to share schemes
- 30 days holiday plus bank holidays
In return for your expertise, you'll enjoy our dedication to your ongoing personal and professional development. Here, you'll grow as a person and develop your career. As a valued member of our team, we'll support to grow and advance you through excellent training and progression opportunities. Our customers' experience and success starts with yours.
We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we're building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.