Pearson Jobs

Job Information

Pearson Senior Internal Auditor - Technology and Change in United Kingdom

Senior Internal Auditor - Technology and Change (UK based)

At Pearson, we exist to help learners achieve their potential through learning at every stage of their lives, creating a better, more equitable world in the process. We have more than 20,000 employees that deliver our products and services in nearly 200 countries, all working towards a common purpose – to help everyone achieve their potential through learning. We do that by providing high quality, digital content and learning experiences, as well as assessments and qualifications that help people build their skills and grow with the world around them.We have a long history of making a positive social and environmental impact and ensuring we operate to the highest standards of ethics and governance.

As a Senior Internal Auditor, you will primarily be responsible for contributing to the delivery of the audit plan by undertaking specific audit assignments, with a focus on technology and change audits. Where appropriate, you may have the opportunity to take a lead role on some assignments. You will prepare work papers in support of work performed; discuss findings with management; and draft audit observations. You will report to one of the Audit Directors and support the Internal Audit Leadership team with audit planning, reporting, and improvement activities as needed.

Pearson’s Internal Audit team is collaborative and forward-looking. This role offers a good opportunity for someone who would relish being part of a supportive team, working in an international environment, auditing across a diverse and fast changing technology and digital environment, and developing relationships with Senior Management. The work will involve up to 20% international travel once travel resumes. The role is open to candidates in the UK as either a fully or partially remote working model, but candidates need to be willing and able to travel to London occasionally for team meetings and other events.

Main activities/responsibilities:

  • Performing a wide variety of technology, cybersecurity and integrated audits from planning and scoping, through data analysis and fieldwork, to report issue and file closure.

  • Completing programme / project reviews across the project lifecycle including areas from business case, governance, resourcing, and design through to reporting, benefits tracking and post project evaluation.

  • Discussing audit findings with management and ensuring appropriate actions are agreed to mitigate risks identified.

  • Preparing clear and concise reports, with commercially relevant recommendations.

  • Following up on the effective implementation of agreed actions, liaising closely with actions owners and business management.

  • Building and sustaining positive working relationships with colleagues in Internal Audit and stakeholders in technology and the wider business.

  • Completing ad-hoc projects and supporting investigations as required.

  • Being aware of developments in audit techniques and adapting and championing these to support continuous improvement in the way we work.

Qualifications required:

  • Degree or equivalent level

  • Recognised IT audit, project management or information security qualification (e.g. CISA, QICA, CISSP, CRISC, ISO27001 Lead Auditor, SSCP, PRINCE2, PMP, CAPM, MSP)

Experience required:

  • Proven experience in:-

  • Delivering or providing assurance over business/digital transformation, change programmes and projects, and/or

  • Broad technology auditing or IT risk and controls across IT processes, applications, infrastructure, IT security, cloud services and emerging technologies, able to understand processes and controls and identify potential risks to the business.

  • Working knowledge of industry frameworks and standards such as NIST CSF, ISO 27001/2, PCI DSS, COBIT, and ITIL.

  • Experience of auditing Agile software development methods.

  • Experience of using data analysis tools (e.g. IDEA, Tableau, Alteryx).

Desirable skills:

  • Good knowledge of IT risk management, security and control and a clear understanding of the relationship between technology and business risk.

  • Working knowledge of different project management methodologies and practical experience of delivering projects in complex global organisations.

  • Able to grasp complex technology issues and develop practical solutions.

  • Good organisational skills, able to handle multiple assignments simultaneously, resolve problems, and deliver to deadlines.

  • Good communication, relationship building and influencing skills – both written and verbal – able to communicate technical issues and recommendations to both technical and non-technical audiences at different levels in the organization.

  • Collaborative approach to working within a team and with colleagues across the business.

  • Digital and commercial focus.

  • Flexible, innovative, self-motivated, critical thinker with the ability to leverage skills in new situations.

  • Comfortable working independently in a relatively unstructured environment without the need for constant direction.


Organization: Corporate Finance

Schedule: FULL_TIME

Req ID: 2357