Pearson IT Internal Audit Manager in Durham, North Carolina
IT Internal Audit Manager (US (Durham/Hoboken) or UK (London/Belfast) based)
At Pearson, we exist to help learners achieve their potential through learning at every stage of their lives, creating a better, more equitable world in the process. We have more than 20,000 employees that deliver our products and services in nearly 200 countries, all working towards a common purpose – to help everyone achieve their potential through learning. We do that by providing high quality, digital content and learning experiences, as well as assessments and qualifications that help people build their skills and grow with the world around them. We have a long history of making a positive social and environmental impact and ensuring we operate to the highest standards of ethics and governance.
Following a recent internal promotion, we have a vacancy for an IT Audit Manager based in one of our hub locations (Durham or Hoboken, US; London or Belfast, UK).
As an IT Audit Manager, you will be responsible for leading the planning, execution and reporting of varied IT and cybersecurity audit projects to time and quality in a professional, engaged, and responsible manner. You will take the lead in communicating results to Senior Management and be key to the Internal Audit team building strong relationships with stakeholders across the business. You will report to one of the Audit Directors and support the Internal Audit Leadership team with annual audit planning, audit committee reporting, and improvement activities as needed.
Pearson’s Internal Audit team is collaborative and forward-looking. This role offers a good opportunity for someone who would relish being part of a supportive team, working in an international environment, auditing across a diverse and fast changing technology and digital environment, and developing relationships with Senior Management. The work will involve up to 20% international travel. Our key IT audit stakeholders are based in UK and US so occasionally flexibility may be required to work across these time zones. To facilitate this working from home is an option, but candidates may need to travel to their hub office once a week for team/stakeholder meetings and other events.
Leading the delivery of complex technology, application, infrastructure, and security audits, project / program audits and integrated audits. Typical audit topics are wide ranging and may include Cloud, AI, IT governance and cybersecurity amongst others.
Audit Managers are responsible for all aspects of the audit delivery including determining the risk-based audit scope, designing the approach/work program, planning and project managing the audit delivery, conducting fieldwork activities and testing, proactive discussions with business and IT management to validate audit observations, through to report issue and file closure.
Discussing audit findings with management and ensuring appropriate actions are agreed to mitigate risks identified.
Preparing clear and concise reports, with commercially relevant recommendations to improve the internal control system and address weaknesses and process inefficiencies.
Following up on the effective implementation of agreed actions, liaising closely with actions owners and business management.
Building and sustaining positive working relationships with colleagues in Internal Audit and stakeholders in technology and the wider business.
Supporting and coaching members of the team.
Completing ad-hoc projects and supporting investigations as required.
Being aware of developments in audit techniques and adapting and championing these to support continuous improvement in the way we work.
Degree or equivalent level (in Information Security, Computer Science, or similar)
Recognized IT audit or information security qualification (e.g., CISA, QICA, CISSP, CRISC, ISO27001 Lead Auditor, SSCP)
Five or more years practical experience of cybersecurity and IT auditing across IT processes, applications, infrastructure, IT security, cloud services and emerging technologies, able to understand processes and controls and identify potential risks to the business.
Good knowledge of IT risk management, security and control and a clear understanding of the relationship between technology and business risk.
Working knowledge of cybersecurity controls, network architecture, website platform development, secure coding, and virtual computing.
Able to grasp complex technology issues and develop practical solutions.
Good organizational and project management skills, able to handle multiple assignments simultaneously, resolve problems, and deliver to deadlines.
Good communication, relationship building and influencing skills – both written and verbal – able to communicate technical issues and recommendations to both technical and non-technical audiences at different levels in the organization.
Collaborative approach to working within a team and with colleagues across the business.
Digital and commercial focus.
Flexible, innovative, self-motivated, critical thinker with the ability to leverage skills in new situations.
Comfortable working independently in a relatively unstructured environment without the need for constant direction.
Experience of auditing web applications and services, network, operating system, and database security.
Experience of using cybersecurity and industry frameworks and standards such as NIST CSF, ISO 27001/2, PCI DSS, COBIT, and ITIL.
Experience of auditing Agile software development methods.
Experience of data analysis tools (e.g., IDEA, Tableau, Alteryx) and ability to support complex data extraction and analysis requirements.
Exposure to major ERP systems, preferably Oracle.
Pearson is an Affirmative Action and Equal Opportunity Employer and a member of E-Verify. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be. All employment is decided based on qualifications, merit, and business need. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status, or any other group protected by law.
This position is eligible to participate in an annual incentive program, and information on benefits offered is here.
What to expect from Pearson
Did you know Pearson is one of the 10 most innovative education companies of 2022?
At Pearson, we add life to a lifetime of learning so everyone can realize the life they imagine. We do this by creating vibrant and enriching learning experiences designed for real-life impact. We are on a journey to be 100 percent digital to meet the changing needs of the global population by developing a new strategy with ambitious targets. To deliver on our strategic vision, we have five business divisions that are the foundation for the long-term growth of the company: Assessment & Qualifications, Virtual Learning, English Language Learning, Workforce Skills and Higher Education. Alongside these, we have our corporate divisions: Digital & Technology, Finance, Global Corporate Marketing & Communications, Human Resources, Legal, Strategy and Direct to Consumer. Learn more at We are Pearson.
We value the power of an inclusive culture and also a strong sense of belonging. We promote a culture where differences are embraced, opportunities are accessible, consideration and respect are the norm and all individuals are supported in reaching their full potential. Through our talent, we believe that diversity, equity and inclusion make us a more innovative and vibrant place to work. People are at the center, and we are committed to building a workplace where talent can learn, grow and thrive.
Pearson is an Affirmative Action and Equal Opportunity Employer and a member of E-Verify. We want a team that represents a variety of backgrounds, perspectives and skills. The more inclusive we are, the better our work will be. All employment decisions are based on qualifications, merit and business need. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, age, national origin, protected veteran status, disability status or any other group protected by law. We strive for a workforce that reflects the diversity of our communities.
To learn more about Pearson’s commitment to a diverse and inclusive workforce, navigate to: Diversity, Equity & Inclusion at Pearson.
If you are an individual with a disability and are unable or limited in your ability to use or access our career site as a result of your disability, you may request reasonable accommodations by emailing firstname.lastname@example.org.
Note that the information you provide will stay confidential and will be stored securely. It will not be seen by those involved in making decisions as part of the recruitment process.
Organization: Corporate Finance
Req ID: 11787