Assurance Inspector

Job Description

The client creates standards within the retail payments sector. DescriptionProvide robust and agile support in the management of the Bacs Approved Bureau (BAB) scheme. Provide an independent and objective evaluation and assurance of a bureaus operationsincluding: Information Technology - assess information systems to ensure that they are operating securely, and that sensitive data is secure and accurate. These reviews can align with regulations and compliance, for example PCI DSS (Payment Card Industry DataSecurity Standard), ISO 27001 (or other ISO security standards), SOC (System and Organisation Control) and BAB Scheme requirements. Operations - evaluating whether or not internal controls are sufficient and working as intended, operating procedures are beingperformed consistently and efficiently, and activities within the company are compliant with regulatory and BAB scheme requirements, industry standards, and internal policies. Performance - evaluate an organisations actual performance as compared with thegoals and objectives set by its board of directors or members of senior leadership. In accordance with the inspection process, undertake a detailed review of commercial and applicant Bureaus organisation, security and Bacs operational controls and procedures,to determine if the Bureau meets the criteria for approval as a Bacs Approved Bureau. Identify potential risks, and propose controls that help protect the integrity, confidentiality and availability of Bacs services.Principal AccountabilitiesBAB SchemeManagement o Support and contribute to the maintenance and development of the Assurance Framework process and forecasting plans. o Support the programme of works ensuring that the Bureaux Inspections are undertaken to schedule and required quality. o ManageScheme document reviews. o Provide business support and advisory services to Participants (sponsoring banks), current and potential bureaux and internal teams.Bureaux Inspections o Carry out detailed reviews of a bureaus:Organisation and policies; Professional services and commercial arrangements;Physical security;Network environment;Systems management;Logical access control;Business continuity and disaster recovery;Bacs processing and data controls;HSM and cryptographic key management.o Communicate effectively with bureau management and their employees to ensure understanding of inspection process, next steps, and to clarify any initial queries or uncertainties. o Manage the BAB scheme within budget and deadlines to all relevant parties.o Support in regular reporting to the Third Party Assurance Manager and Service Lines Management, Head of Operations, and Risk Management and to recognise and escalate key issues as appropriate. o Support and maintain effective liaison with Participant sponsoringbanks to identify possible high-risk bureaux and actions to resolve issues. Additional DutiesProvide SME expertise to wider teams Information This role involves a considerable amount of travel (approximately 50-70%) primarily across the UK with occasionaloverseas travel. Therefore, a car and clean driving licence are pre-requisites for the position. Profile Have considerable breadth of knowledge of business practice and risks, IT systems and controls and physical systems and controls, gained either in a Business,IT or audit environment. For example: access control, physical security, application security, security architecture and design, business continuity and disaster recovery, legal regulations and compliance. Demonstrate a good knowledge and understanding ofInformation Security frameworks such as ISO27001 and ISAE3000 Maintain an ongoing awareness of changes to the risk and controls associated with information and cyber security threats (formalised and self-learning) Full UK Driving License Job Offer Extensiveexperience across a variety of Payments firms and EMI, as well as a competitive day rate.