Job Description
Since our launch in 2015, we’ve lent over £10bn to ambitious entrepreneurs up and down the UK. That’s led to the creation of over 40,000 new jobs and over 29,000 new homes – and we’re not about to stop there. We’re dedicated to helping trailblazing businesses’ thrive and our Finance team are the drivers of our growth.
As an IT and Cyber Security Auditor, you will be responsible for planning, executing, and reporting on a wide range of audits covering IT security, business automation, cloud infrastructure, and digital transformation across OakNorth Bank plc. You will provide independent assurance to senior management that the Bank’s technology environment—including its growing use of Generative AI—is secure, resilient, and well-governed.
This role also includes guiding the Bank’s responsible adoption of Generative AI (GenAI) technologies while helping build capabilities within the Internal Audit team, including mentoring and developing junior staff members.
This is a fantastic opportunity to join a fast-paced, growing bank with a reputation for doing things differently. We don’t want another cog in the machine, we’re looking for self-starters and bold thinkers who want to pave their own career paths.
Are you ready to step up to the challenge?
Key Responsibilities:
- Lead and Deliver Audits: Plan, execute, and report IT and cyber security audits covering ITGCs, cloud (AWS/Azure), networks, data protection, automation, and digital transformation initiatives. Manage audits independently or with co-sourced partners, ensuring end-to-end delivery.
- Support GenAI Risk Assurance: Assess risks and controls related to the Bank’s adoption of Generative AI—covering governance, data integrity, ethical usage, access controls, and operational safeguards. Leverage GenAI tools to enhance audit execution and insight generation.
- Evaluate Cybersecurity and Resilience: Review threat detection capabilities, cybersecurity controls (e.g., IAM, DLP, IDS/IPS), and response readiness. Challenge business continuity, disaster recovery, and incident response plans, including backup processes and RPO/RTO targets.
- Stakeholder Engagement and Reporting: Provide clear, actionable reporting to senior management and collaborate with Technology, Risk, and Operations teams to strengthen control environments and drive improvements.
- Team Development and Methodology Improvement: Guide, coach, and mentor junior auditors; contribute to the evolution of IT audit methodology to reflect emerging technologies, risks, and regulatory expectations.
What We’re Looking For:
Must-Haves:
- Overall experience of 8 years with Minimum 3 years of experience in IT audit or cyber risk, ideally within banking, fintech, or a Big 4 advisory firm.
- Degree in Information Technology, Computer Science, or a related field with a strong academic record.
- At least one globally recognized IT audit/security certification (e.g., CISA, CISSP, ISO 27001 LA);
- Familiarity with GenAI use cases and associated risks in an enterprise setting.
- Strong understanding of frameworks like NIST, ISO 27001, COBIT, COSO, and ITIL.
- Experience using GRC tools and a passion for applying technology in audit work.
Preferred Traits:
- High drive and bias for action—brings energy and momentum to audit delivery.
- Clear and structured communicator who simplifies complexity and delivers insights.
- A collaborative leader who uplifts others—coaches, mentors, and supports junior colleagues.
- Operates with integrity and directness—“say it as it is” mindset.
- Trusted and respected by peers and stakeholders at all levels of the organization.
- Fast learner and problem-solver who thrives in a changing environment.
