Lead Technology / Information Security Auditor at Babylon Health, London, £Contractor Rate
Feb 23, 2021
Duration not stated
Lead Technology / Information Security Auditor - Contract
LONDON, ENGLAND /
SUPPORT SERVICES – COMPLIANCE & SECURITY /
CONTRACTOR - FULL TIME
We are a team on a mission, to put accessible and affordable healthcare in the hands of every person on earth. Our mission is bold and ambitious, and it’s one that’s shared by our team who shares our values, to dream big, build fast and be brilliant.
To achieve this, we’ve brought together one of the largest teams of scientists, clinicians, mathematicians and engineers to focus on combining the ever-growing computing power of machines, with the best medical expertise of humans, to create a comprehensive, immediate and personalized health service and make it universally available.
At Babylon our people aren’t just part of a team, they’re part of something bigger. We’re a vibrant community of creative thinkers and doers, forging the way for a new generation of healthcare. We’re only as good as our people. So, finding the best people is everything to us.
We serve millions, but we choose our people one at a time…
Purpose of the Role
The Lead Technology / Information Security Auditor is responsible for supporting Babylon’s security management and governance leaders in the development, delivery and maintenance of Babylon’s information security internal audit and technical compliance programme, to ensure Babylon complies with all relevant technology and information security legal, regulatory, contractual and business requirements.
Support the development of Babylon’s technology / information security audit strategy
Develop and maintain the information security audit programme, including audit policy, processes and procedures
Plan, lead and conduct technical audits, systems compliance and other technical checks in accordance with Babylon processes best practice methodologies
Verify that information systems and processes meet the security criteria (requirements or policy, standards and procedures)
Discuss findings and agree corrective (remediation) and preventive (improvement) actions required with control owners
Review the effectiveness of completed actions taken to close out findings
Identifies requirements for external audit resource support.
Key Skills required
Understands the legal and regulatory environment within which the business operates and has knowledge of relevant security related legal and regulatory requirements.
Good level of technical information security knowledge and experience (5+ years experience).
Good level of knowledge of information security audit methodologies and best practices (CAC or equivalent).
Broad technology industry knowledge and technical awareness to identify control suitability and opportunities improve and optimise control implementations
Demonstrable experience of managing technology compliance requirements
Strong communication and influencing skills, with personal gravitas and ability to effectively influence senior stakeholders
Effective organisation and project management skills, including business change experience
Good commercial awareness.
Is creative and pragmatic, always seeking to achieve the best achievable outcome
Is compassionate and caring towards others. They respect the views and ideas of others
Works in a straight-forward, collaborative and inclusive way and is non-political
Is tenacious, in the pursuit to delight our users. They strive for excellence in all they do and always look to improve our service and product
Regularly seeks to turn ideas into action and injects creativity into every touch point
They question common practice to challenge the norm
Frequently has a can-do attitude and a positive viewpoint
Takes ownership and always delivers against what is agreed.
Qualifications - Essential
Batchelors degree in related business, technology or information security discipline and / or 5 years work experience in a technology or information security audit or compliance role for a global organisation.
Certified Information Systems Auditor (CISA) or Cybersecurity Audit Certificate (CAC) professional qualification or other equivalent professional qualification; or commitment to obtain such a qualification within an extended 6 months probation period.
Qualifications - Desirable
Cybersecurity Practitioner Certification (CSX-P) / Member of ISACA
Certified Information Systems Security Professional CISSP / Member of ISC2
About Contract Spy
Discovering Direct IT Contract Opportunities for Contract Spy members.