Overview
Tech Audit and Assurance Lead – London, Greater London
Everyone is welcome at M&S. No exceptions. It’s your background, abilities and differences that make you, uniquely you. And when you’re part of M&S, that individuality has the potential to make waves.
Summary
The purpose of this role is to lead and enhance Digital & Technologies Audit and Assurance processes. You will lead the planning, coordination, and oversight of audit and assurance activity across our Products, Platforms and Services, ensuring robust coverage of key Technology risks, embedding continuous assurance, and ensuring timely, balanced remediation of issues.
You will be responsible for designing and continuously improving the D&T Audit and Assurance strategy, planning and driving a combined assurance approach with Internal Audit (3LoD) and supporting assurance functions across D&T on key issues, opportunities, or strategic changes, and providing insightful reporting into senior Technology and Risk governance forums. The role may also lead and coordinate stress-testing exercises to identify and address control and process gaps.
All the details
What’s in it for you
Being a part of M&S is exactly that – playing your part to bring the magic of M&S to our customers every day. We’re an inclusive, dynamic, exciting, and ever-evolving business built on doing the right thing and bringing outstanding quality, value and service to every customer, whenever, wherever and however they want to shop with us.
Here are some of the benefits we offer that make working for M&S just that little bit more special…
- After completing your probationary period, you’ll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
- Competitive holiday entitlement with the potential to buy extra holiday days!
- Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
- A generous Defined Contribution Pension Scheme and Life Assurance.
- A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
- Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
- Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
- Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
- A charity volunteer day to support a charity or cause you’re passionate about through a dedicated day away from work.
What you’ll do
As the Audit and Assurance Lead you will be responsible for leading Audit and Assurance management activities to ensure they operate in line with Internal Audit requirements, regulatory expectations, and best standards, maintaining the integrity and resilience of M&S’s Technology systems. You will:
- Own and supervise the delivery of the D&T Audit and Assurance strategy, setting the annual and in-year plan for assurance activity in collaboration with Internal Audit and D&T Products and Platforms.
- Operate with independence from 1LoD delivery; maintain objectivity while collaborating across supporting assurance functions and 3LoD to deliver combined assurance and eliminate duplication.
- Provide independent assurance and challenge on the adequacy and efficiency of D&T’s remediation and resolution plans, reviewing proposed actions, testing evidence of completion, and assessing whether risks and issues are fully and sustainably mitigated.
- Own the design, scoping, and delivery of technology audits and thematic reviews across D&T, using a risk-based approach to identify, assess, and report on gaps, inconsistencies, or inefficiencies in Technology processes and controls.
- Act as the senior point of contact for Audit and Assurance matters, building positive relationships with D&T leadership, Internal Audit, Risk, and external auditors while maintaining independence and objectivity.
Who you are
- Experience of IT Governance Frameworks and the application of Technology Risk protocols and Risk Standards (ISO 31000, ITIL, COBIT, COSO, NIS, SOX etc.).
- Deep Technology Audit/Assurance leadership in large, sophisticated organisations; shown delivery of risk‑based plans and thematic reviews, preferably in the retail sector or a related industry.
- Experience in technical and delivery domains e.g. Cloud, SDLC/DevSecOps, identity/access, data governance/lineage, resilience/BCP‑DR.
- Proficiency in Data & Automation and applying analytics/automation in audits.
- High-level analytical approach to sophisticated technical and business problems.
Everyone’s welcome
We are ambitious about the future of retail. We’re redefining, innovating and leading the industry into a more conscientious, inspiring digital era. We’re redefining how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen.
We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.
If you feel you’d benefit from any support or reasonable adjustments during any stage of the recruitment process, please don’t hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.
IMPORTANT: Before applying for this role, please make sure you have the right to work in the country where the role is based. Unless it clearly stipulates within the job advert above that the hiring company is looking to or able to sponsor applicants, it is deemed that the hiring employer will only consider applications from those able to comply with and work in the country where the role is based.













