Information Technology Audit Manager

Job Title: Internal Audit Manager - Third Parties Assurance and Business Resilience

Location: London

Hybrid: 4 days in the office, 1 day working from home per week

Audit & Risk Recruitment is proud to partner with a global FinTech business with an ambitious growth agenda and a strong commitment to maintaining a robust control environment. As part of their continued expansion, the company is strengthening its global Internal Audit function and seeking an experienced Internal Audit Manager to speacialise in 3rd party riska and Resiliance.

This is a critical and high-impact role for someone who thrives on autonomy, has a strong understanding of third-party and resilience risk, and is passionate about delivering value-added assurance in a dynamic environment.

In this role, you will be a key strategic partner to the Head of Internal Audit, helping shape our assurance strategy and annual audit planning. You will also lead the development of a continuous third-party assurance framework to monitor the ongoing performance and risk of external service providers.

Key Responsibilities

• Lead Risk-Based Audits : Plan, execute, and report on internal audits focused on third-party management, outsourcing governance, operational resilience and business continuity.
• Third Party Assurance : Design and implement a continuous monitoring framework to assess third-party risk and compliance, with a focus on regulatory and contractual obligations.
• Stakeholder Engagement : Build strong, trust-based relationships across business functions to ensure a collaborative and forward-looking audit practice.
• Annual Risk Assessment & Planning : Partner with the Chief Internal Auditor and Head of Internal Audit in conducting the annual risk assessment and contribute to the development of the annual internal audit plan.
• Professional Practices : Support audit methodology enhancement, including integration of third-party risk considerations across the audit universe. Promote collaboration and continuous improvement within the Internal Audit function.
• Regulatory Insight : Stay informed on evolving regulations (e.g. FCA PS21/3, DORA), and other industry developments impacting operational resilience and technology risk.
• Innovation & Curiosity : Proactively research emerging technologies, risks, and control solutions, maintaining a learning mindset and bringing new ideas to the audit approach.

What we’re looking for

• Proven experience in internal audit, risk, or assurance roles within finTech is essential.
• Demonstrated experience in third-party / vendor risk management and assurance reviews is essential.
• Experience auditing or working in the First or Second Line of Defence IT, information security and operational risk functions.
• Knowledge of operational resilience regulations, such as FCA operational resilience and DORA.
• Ability to produce clear, concise, and insightful audit reports.
• Able to work independently in a fast changing business environment and manage shifts in priorities.
• Relevant professional certifications such as CIA, ACA, CISA or equivalent
• Exposure to cloud environments (e.g. AWS, GCP), including knowledge of cloud management principles would be a plus.