Senior Audit and Compliance Consultant

Posted 9 Days Ago
Be an Early Applicant
London, Greater London, England
Senior level
Automotive • Software • Financial Services
The Role
The Senior Audit and Compliance Consultant will be responsible for leading information security auditing activities, ensuring compliance with relevant standards, conducting audits, improving security controls, and providing consultancy on information security matters. The role requires collaboration with various teams and managing relationships with third-party vendors.
Summary Generated by Built In

Senior Audit and Compliance Consultant 
 

Alfa are currently recruiting a Senior Audit and Compliance Consultant to contribute all information security auditing activities along with supporting day-to-day information security governance, risk and compliance (InfoSec GRC) activities.


Key responsibilities/activities

  • Collaborate with the Information Security team to ensure Alfa’s ISMS is compliant with ISO 27001:2022 and ISO 27018:2019, and meets the requirements of the AICPA Statement on Standards for Attestation Engagements 18 (SSAE 18) / International Standard on Assurance Engagements No. 3402 (ISAE 3402) System and Organization Controls (SOC) 1 Type 2 and SSAE18 System and Organization Controls (SOC) 2 Type 2.
  • Contribute to the audit cycles for all of Alfa’s Information Security auditing requirements (including client audits, internal audits and statutory audits).
  • Conduct periodic review and maintenance of Alfa’s Information Security Management System (ISMS) policies, procedures and processes.
  • Identify opportunities for improvements in information security controls to contribute to Alfa's growth and development.
  • Contribute to the planning of internal, external and client audit requirements including the collection of evidence.
  • Conduct physical security audits to ensure that Alfa’s operational locations are compliant with the ISMS.
  • Contribute to the completeness of security questionnaires for existing and prospective clients.
  • Contribute to the performance of Root Cause Analysis (RCA) for incidents and audit findings.
  • Provide consultancy, information security advice and guidance to teams and projects at Alfa.
  • Develop improvement plans from continuous internal IT security audits and threat modelling exercises.
  • Engage with third-party vendors, establishing and maintaining relationships with those third parties (as required).
  • Integrate and collaborate with other project and delivery teams at Alfa, such as: Technical Operations, Internal Solutions, Hosting Operations, Finance and Sales.
  • Comply with any other requirements set out in the information security roles and responsibilities.

Required experience /qualifications

  • Bachelor's degree (or equivalent) from a top university.
  • Associate Chartered Accountant (ACA) qualification offered by the Institute of Chartered Accountants in England and Wales (ICAEW) (fully qualified).
  • Good knowledge and experience of SOC 1 and SOC 2 examination and attestation requirements.
  • Experience with both internal and external IT assurance projects/engagements.
  • Good knowledge of IT audit techniques.
  • Capable of working independently.
  • Strong analytical and interpersonal skills with the ability to communicate complex and technical issues clearly and succinctly.
  • Eligible to work in the UK without restriction.
  • Minimum 3 years experience in related roles. This experience can be from an organisation which is SOC 1 and SOC 2 certified or from working in a major audit firm conducting SOC 1 and SOC 2 audits.


Preferred experience /qualifications

  • Awareness of EU/UK legislation / regulation, such as: Digital Operational Resilience Act (DORA) and Digital Services Act (DSA).
  • Application of ISO 27001:2022 Information security, cybersecurity and privacy protection - Information security management systems - Requirements.
  • Familiarity with ISO 27001 certification audit process/requirements.
  • Application of ISO 27005:2022 Information security, cybersecurity and privacy protection - Guidance on managing information security risks or NIST Risk Management Framework.
  • Application of ISO 27018:2019 Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
  • Awareness of data privacy legislation including GDPR and e-Privacy Regulation.
  • Understanding and experience of the 'Three Lines of Defence' model environment.
  • Achievement of ISACA Certified Information Security Auditor (CISA), ISACA Certified Information Security Manager (CISM) or equivalent.

Top Skills

Isae
Iso
Ssae
The Company
Royal Oak, MI
507 Employees
Hybrid Workplace
Year Founded: 1990

What We Do

Alfa (formerly CHP Consulting) has been delivering systems and services to the global asset and automotive finance industry since 1990.

Our best practice methodologies and specialised knowledge of asset finance mean that we deliver the largest system implementations and most complex business change projects. With an excellent delivery history over our 27 years in the industry, Alfa's track record is unrivalled.

Alfa Systems, our class-leading technology platform, is at the heart of some of the world's largest asset finance companies. Key to the business case for each implementation is Alfa Systems'​ ability to consolidate multiple client systems on a single platform. Alfa Systems supports both retail and corporate business for auto, equipment, wholesale and dealer finance on a multijurisdictional basis, including leases/loans, originations and servicing. An end-to-end solution with integrated workflow and automated processing using business rules, the opportunities that Alfa Systems presents to asset finance companies are clear and compelling.

With over 30 current clients and 26 countries served, Alfa has offices all over Europe, Asia-Pacific and the United States. For more information, visit alfasystems.com.

Similar Jobs

CSC Logo CSC

Senior Manager of Compliance

Fintech • Legal Tech • Software • Financial Services • Cybersecurity • Data Privacy
London, Greater London, England, GBR
8000 Employees

Mbanq Logo Mbanq

Compliance Analyst

Financial Services
Cambridge, Cambridgeshire, England, GBR
66 Employees

AVEVA Logo AVEVA

Licence Compliance Associate - Software Piracy

Agency • Artificial Intelligence • Cloud • Internet of Things • Software • Automation
Cannon Street, London, Greater London, England, GBR
6970 Employees

IPG Mediabrands Logo IPG Mediabrands

Audit & Compliance Manager - Mediabrands UK&I

AdTech • Digital Media • Marketing Tech
London, Greater London, England, GBR
10936 Employees

Similar Companies Hiring

Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees
RunPod Thumbnail
Software • Infrastructure as a Service (IaaS) • Cloud • Artificial Intelligence
Charlotte, North Carolina
53 Employees
Hedra Thumbnail
Software • News + Entertainment • Marketing Tech • Generative AI • Enterprise Web • Digital Media • Consumer Web
San Francisco, CA
14 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account