Junior Internal Auditor

  • Technology
  • London, United Kingdom

Job description

Compliance certifications allow our clients to be confident in the security and privacy of our products, while also providing frameworks for well-tuned information security management systems and programs. ISO27001 is the foundation on which the LMAX Group operates.

The LMAX Group is looking for an ambitious junior internal auditor who may or may not have had experience as an auditor before; this may even be their first role. Full training will be provided for the successful applicant. Finding the right person who can match the busy pace of our rapidly growing international business is our main priority.

The post holder will be part of a team responsible for internally auditing internal controls and security standards such as ISO27001, SOC 2 and PCI DSS.

The role includes auditing the effectiveness of internal controls, risk and security assessments, and developing policies alongside stakeholders.

The successful applicant will support auditees in correcting nonconformities and provide guidance on acceptable standards. Ideally the successful applicant will have knowledge of cyber security governance, associated controls and effective monitoring and/or an interest in cryptocurrency.

You are looking for a role in which you can grow into a senior auditor, and you have the curiosity and the persistence to find loopholes at both technical and process levels. We will teach the technical skills needed. You can identify and analyse connections and linkages within the Group’s departments and their processes to focus the audit and risk management approach.

We realize people do not fit into neat boxes and the LMAX Group offers some flexibility around remote working.

Main Duties & Responsibilities

  • Perform ISO/IEC 27001:2013 internal audits of processes, policy, and systems for ISMS compliance.
  • Perform SOC type I and II internal audits of processes, documentation and policy to support external assessments.
  • Work cross-functionally with all departments and operational teams to drive governance and security control implementation for the organization.
  • Work with risk owners to review and aggregate risk assessments, recommend and manage risk treatment plans.
  • Interface with regulators, auditors or clients requesting RFPs, inquiries, and security audit reviews.
  • Track and correct issues identified during internal and external audits.
  • Support auditees in correcting nonconformities and provide guidance on acceptable standards.
  • Provide guidance on information security governance and support customer enquiries around our governance controls.

Technical Skills:

  • Desirable: ISO/IEC 27001 Certified Internal Auditor and/or equivalent experience.
  • Experience in Information Technology, Security Analysis, Governance, Risk and Compliance is an advantage.
  • Experience working with risk management processes is an advantage.
  • Knowledge of any of the following security standards and frameworks: SOC 2, ISO 27001, PCI DSS.
  • Understanding of vulnerabilities, threats and risks at an organisational level.
  • Knowledge related to cyber security governance, controls, and effective monitoring.
  • Ability to work closely with auditors, regulators, and internal stakeholders and articulate technical concepts.
  • Excellent written and oral English communication skills.

Soft Skills:

  • Willingness to learn, and to share knowledge.
  • Genuine enthusiasm for Security and Governance.
  • Positive, constructive and open-minded attitude.
  • A problem-solving mindset coupled with a strong sense of ownership and drive.
  • Practical approach to managing time and workload, to ensure tasks are completed in a timely fashion.
  • Ability to understand business processes and how they affect the security stance.
  • Good documentation and communication skills to communicate with a global team.

Any of the following would help you to stand out:

  • ISO auditing, CISSP, CIPP, CIPM, CIPT, CISA certifications.
  • Project Management skills or qualifications.
  • History of study or work in areas such as networking, IT Security or Development would be desirable.
  • Experience within the finance sector.

*We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.