ASOS and the team
ASOS is an online retailer for fashion-loving 20-somethings around the world, with a purpose to give its customers the confidence to be whoever they want to be. Through a market-leading app and mobile/desktop web experience, ASOS customers in over 200 markets can shop a curated edit of 85,000 products, sourced from 860 of the best global and local third-party brands and a mix of fashion-led in-house labels. Our focus on first class technology and digital innovation means our Technology (Tech) Team are fundamental to current and future successes.
The business is now looking to improve internal controls and governance to support its ongoing phenomenal growth and ambitious plans. Until recently Internal Audit at ASOS was outsourced to a third-party but to support these improvements, help meet strategic objectives, and add value Internal Audit is now being brought in-house. The newly created Internal Audit Team sits within Business Assurance, which also includes experts in Risk Management, Business Continuity, Health & Safety, and Insurance.
The successful candidate will play a key role within the Internal Audit Management Team, and will be responsible for building, developing, and managing our in-house Tech Internal Audit offering. If a blank sheet of paper appeals, this is the role for you. You will define the Tech audit universe, implement risk assessments, and design the Tech Internal Audit Methodology. You will work closely with senior stakeholders across Tech and the wider business to build effective collaborative relationships; and deliver diverse technology audits using co-source or internal staff. This is an exciting time to join a dynamic, fast paced, and ambitious company where you will have plenty of opportunity to make your mark.
You will be…
Working with the Internal Audit Management Team to define and deliver the Tech Internal Audit Strategy and Roadmap.
Leading the development of the Tech risk assessment and Tech Internal Audit Plan. Once formed, you will be responsible for delivery of the Plan from planning to fieldwork, reporting, QA reviews and budgeting.
Owning, intelligently buying, and managing co-source resource to deliver the Plan; and/or responsible for recruiting and developing any in-house Tech Internal Audit Team members if this approach is adopted in our Strategy.
A senior internal business partner to the Tech function, acting as a critical friend whilst building strong relationships with Tech directors and senior managers. Working collaboratively with your stakeholders to drive the internal control, assurance, and business maturity agendas forward whilst maintaining independence.
Responsible for following up on agreed actions, driving through change, and preparing Audit Committee reporting in relation to Tech Internal Audits.
Striving for continual improvement, identifying areas where Internal Audit can be more effective and efficient, and sharing ideas with the Team.
Identifying opportunities to deliver deeper and more efficient audits and business insight through data, as well has helping to develop and drive forward our Internal Audit Data Analytics Strategy.
An ambassador for Internal Audit as we build the profile of the function within the business and bringing our value proposition to life for our Stakeholders.
Managing or providing subject matter expertise for technology project assurance work and other internal audits as required.
We’d love to meet someone with…
A CISA/CRISC/CISM/CISSP or other relevant industry qualification and extensive post-qualification experience in practice or managing in-house/co-sourced technology audits.
A strong, diverse technical background including technology transformation, process improvement (SOx compliance an advantage), application of IT and security governance frameworks (e.g. COSO, COBIT, NIST, ISO270001, ITIL etc), and key technology domains.
Experience in auditing Oracle, Dynamics 365, in-house software/app development, IT infrastructure, cyber and information security, digital, cloud environments (Azure), IT operations, data privacy/protection and IT programmes and projects.
The ability to lead thinking on technology risk management, governance, compliance, and internal control best practice in an e-commerce/retail environment.
Excellent stakeholder management and relationship building skills.
Strong negotiation and influencing skills with the willingness to work with the business to define fit for purpose governance and controls. Someone who wants to make a difference and is excited about building a team and launching an in-house technology audit function.
Excellent verbal and written communication skills. The ability to tailor their approach to deliver clear, powerful, and succinct messages to technical and non-technical stakeholders at all levels.
Self-motivation and the ability to work pro-actively alone or as part of team. The ability to multi-task, deal with competing priorities, and someone with the flexibility and agility to work within a fast paced, ever changing business and risk landscape.
Experience with data driven auditing, and data analytics and visualisation tools would be an advantage but not essential.
What's in it for you?
Competitive salary, bonus, and pension matching.
Life insurance, private medical care, and a bespoke flexible benefits scheme catered to you including a cycle to work scheme + more.
25 days holiday + never work on your birthday again!
Huge staff discounts and access to sample sales.
Free modern onsite gym with subsidised personal training and wellness rooms.
Best in class Learning & Development schemes and career development programmes.
A dynamic social environment, from company-wide sports days, charity days, ‘Give A Week Away’ opportunities to visit our charity partners in India, and company-wide celebrations to name just a few.