Internal Auditor

Nicholas Howard is delighted to be recruiting for an Internal Auditor To join a leading tech systems integrator. Reporting to the Assurance Certification Manager, as the Internal Auditor you will own the planning and execution of risk-based audits across Quality (ISO 9001) and Information Security Management Systems (ISO 27001). You will ensure sustained compliance with mandatory standards, promote continuous improvement, and provide assurance through clear, data-driven reporting. You will also support ad-hoc assurance projects and maintain awareness of additional ISO requirements to strengthen the integrated management system (ISO 14001, ISO 45001, ISO 22301, ISO (phone number removed).

Responsibilities

Plan and Conduct Audits - develop annual and ad-hoc audit plan for the integrated management system, and execute on-site and remote audits, sampling processes, controls, and records to assess conformity.

Report Findings and Recommendations - prepare concise audit reports detailing non-conformances, observations, and opportunities for improvement, provide root cause analysis. Present actionable recommendations, with clear timelines and owners, to process stakeholders and leadership.

Follow-Up and Closure - collaborate with process owners to develop corrective action plans. Monitor progress and verify effective remediation, ensuring timely closure of audit issues.

Management Review Support - coordinate data collection and performance metrics for quarterly Management Reviews (Quality & Information Security). Draft agenda, compile meeting materials, and circulate post-meeting minutes with agreed-upon actions.

Policy and Procedure Maintenance - review and update internal audit procedures, checklists, and other relevant documentation to reflect evolving standards and best practices. Ensure all policies and supporting documentation remain current and accessible.

Cross-Functional Assurance Projects - participate in ad-hoc projects (e.g., supplier audits, business continuity testing) that require audit expertise. Raise risks based on audit findings.

Stakeholder Engagement and Training - deliver engaging training and awareness workshops on ISO 9001 and ISO 27001 requirements.

Qualifications

Qualifications & Experience:
Essential:

• Minimum 3 years’ experience as an Internal Auditor or equivalent, with hands-on ISO 27001 and ISO 9001 audit delivery.
  
  
• Certified Internal Auditor (CIA), CISA, ISO 27001 Lead Auditor, ISO 9001 Lead Auditor, or equivalent.
  
  
• Proven ability to conduct risk-based audits, gap analyses, and root-cause investigations.
  
  Desirable:
  
  
• Experience auditing additional ISO standards (e.g., ISO 14001, ISO 22301).
  
  
• Background in IT, software development, or managed services environments.
  
  Key Skills & Attributes:
  
  
• Analytical Thinking: Able to interpret complex processes and data to identify control weaknesses.
  
  
• Communication: Clear and concise report writing, confident presenter in workshops and meetings.
  
  
• Organisational Excellence: Skilled at juggling multiple audit streams and meeting tight deadlines.
  
  
• Collaboration: Builds rapport quickly, influencing stakeholders to implement improvements.
  
  
• Detail-Orientation: High degree of accuracy in audit sampling, documentation, and follow-up.
  
  Behaviours:
  
  Proactive: Anticipates risks and initiates audits and follow-up activities without prompting.
  
  Integrity: Upholds objectivity and confidentiality at all times.
  
  Continuous Learner: Keeps abreast of emerging standards and shares best practices with the team.
  
  Adaptable: Responds flexibly to changing priorities and audit scopes