Junior Internal Auditor
Compliance certifications allow our clients to be confident in the
security and privacy of our products, while also providing frameworks for
well-tuned information security management systems and programs. ISO27001
is the foundation on which the LMAX Group operates.
The LMAX Group is looking for an ambitious junior internal auditor
who may or may not have had experience as an auditor before; this may even be their first
role. Full training will be provided for the successful applicant. Finding the
right person who can match the busy pace of our rapidly growing international
business is our main priority.
The post holder will be part of a team responsible for internally
auditing internal controls and security standards such as ISO27001, SOC 2, PCI
The role includes auditing the effectiveness of internal controls,
risk and security assessments, and developing policies alongside
The successful applicant will support auditees in correcting
nonconformities and provide guidance on acceptable standards. Ideally the
successful applicant will have knowledge of cyber security governance,
associated controls and effective monitoring and/or an interest in
You are a person who is looking for a role in which you can grow
into a senior auditor, who has the curiosity and the persistence to find
loopholes at both technical and process levels. We will teach the technical
skills needed. You can identify and analyse connections and linkages within the
Group’s departments and their processes to focus the audit and risk management
We realize people do not fit into neat boxes and the LMAX
Group offers some flexibility around remote working.
Main Duties & Responsibilities
- Perform ISO/IEC 27001:2013 internal audits of processes, policy, and systems for ISMS compliance.
- Perform SOC type I and II internal audits of processes, documentation and policy to support external assessments.
- Work cross-functionally with all departments and operational teams to drive governance and security control implementation for the organization.
- Work with risk owners to review and aggregate risk assessments, recommend and manage risk treatment plans.
- Interface with regulators, auditors or clients requesting RFPs, inquiries, and security audit reviews.
- Track and correct issues identified during internal and external audits.
- Support auditees in correcting nonconformities and provide guidance on acceptable standards.
- Provide guidance on information security governance and support customer enquiries around our governance controls
- Desirable: ISO/IEC 27001 Certified Internal Auditor and/or equivalent experience.
- Experience in Information Technology, Security Analysis, Governance, Risk and Compliance is an advantage
- Experience working with risk management processes is an advantage
- Knowledge of any of the following security standards and frameworks: SOC 2, ISO 27001, PCI DSS,
- Understanding of vulnerabilities, threats and risks at an organisational level.
- Knowledge related to cyber security governance, controls, and effective monitoring.
- Ability to work closely with auditors, regulators, and internal stakeholders and articulate technical concepts
- Excellent written and oral English communication skills
- Willingness to learn, and to share knowledge
- Genuine enthusiasm for Security and Governance
- Positive, constructive and open-minded attitude
- A problem-solving mindset coupled with a strong sense of ownership and drive.
- Practical approach to managing time and workload, to ensure tasks are completed in a timely fashion.
- Ability to understand business processes and how they affect the security stance.
- Good documentation and communication skills to communicate with a global team.
Any of the following would help you to stand out:
- ISO auditing, CISSP, CIPP, CIPM, CIPT, CISA certifications.
- Project Management skills or qualifications.
- History of study or working in areas such as networking, IT Security, Development would be desirable.
- Experience within the finance sector.
*We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.