Recruiterbox

We are looking for an Internal auditor to focus on auditing the firms regulatory, certification & governance compliance and providing recommendations to support the firm's goals and objectives and improving its efficiency and effectiveness.

Key experience required:

• Must have a background in a law firm. Knowledge of the Solicitors handbook, including the Solicitors accounts rules, principles & outcomes outlined in the code of conduct would be desirable, but not essential.
• Preferably, but not essential, some experience of auditing and in undertaking internal and third party audits covering regulatory and governance & controls.
• Preferably, but not essential, some experience of auditing information security management systems and certification (BS ISO/IEC 27001), plus BS ISO/IEC 27002 controls. and quality management systems in a law firm is desirable
• Ability to assess information systems processes, systems threats, vulnerabilities and risks.
• Able to understand the requirements of the business and produce/review/monitor compliance with processes and systems to undertake client work.
• Ability to write standard audit reports and deliver presentations on audit findings making recommendations to improve the efficiency and effectiveness of the firm’s operation.
• Communicate effectively and fluently with partners, managers and staff, including the ability to explain complex technical issues in terms that non-technical partners, managers and staff will understand.

Desired Skills and Experience

• Background in a law firm and an understanding of the Solicitors handbook, including the Solicitors accounts rules and code of conduct.
• Preferably some experience of auditing in a law firm and undertaking internal and third party audits covering; regulatory, governance & controls and an understanding of information security & quality management certifications or who want to move from the legal side into this discipline.
• Preferably some familiarisation/understanding of Information security management system (BS ISO/IEC 27001/27002) and Quality management system (BS/IEC 9001) is desirable but not essential.
• Have an attention to detail
• Ability to pick up new information up quickly.
• Ability to assess information system processes, systems threats, vulnerabilities and risks and in effective controls
• Open, honest and professional, able to keep information confidential and sets example to others
• Understanding of the principals of risk assessment & management, including operational risk as well as compliance monitoring and reporting.
• Will be confident in the use of IT systems
• Results orientated with excellent verbal and written communication and interpersonal skills and ability to interact professionally with partners/directors, managers, staff at all levels and subject matter experts.
• Our research shows that our clients and our employees would describe us as energetic, entrepreneurial & driven.