IT Audit Lead – Applications

Our client is seeking an experienced IT Audit professional to lead reviews of key business applications and related technology. This position suits someone who enjoys taking ownership of audits end‑to‑end and translating control issues into clear, actionable improvements for stakeholders.

About the role

• Lead audits focused on business applications, from initial scoping and risk assessment through to reporting and follow‑up.
• Concentrate on high-impact applications and their interfaces, assessing whether controls over processing, data and access are robust and effective.
• Act as the go‑to person for application control matters within the audit team, guiding colleagues on how to assess automation, IT‑dependent controls and integrated processes.

What you will do

• Plan and execute risk-based IT application audits, including defining scope, audit objectives, and detailed testing approaches.
• Test application-level controls such as input validation, processing logic, reconciliations, exception handling and reporting, and evaluate how they support underlying business processes.
• Review access design and administration for critical applications, including user access provisioning, role definitions, segregation of duties and periodic access reviews.
• Assess the effectiveness of application change processes, including requirements, testing, approvals and promotion to production, to ensure changes are controlled and auditable.
• Use data analysis or other technology tools to identify unusual patterns or control gaps in application data or configuration where relevant.
• Prepare clear, concise audit observations and reports, highlighting key risks, root causes and pragmatic recommendations for technology and business stakeholders.
• Monitor and validate the remediation of agreed actions, providing feedback where additional improvements are needed.
• Coordinate, where necessary, with other assurance teams and external auditors when application audit work is used to support broader assurance needs.

What we are looking for

• Strong IT audit experience with a clear focus on applications, gained in internal audit, external audit or technology risk / assurance roles.
• Good grounding in application control concepts and how they link to IT general controls, such as access management, change management and IT operations.
• Prior experience auditing major enterprise platforms (for example, ERP, core banking, payments, trading or other large-scale systems) will be advantageous.
• Relevant professional qualification (e.g. CISA or similar IT audit/assurance certification) is preferred but not essential.

Personal qualities

• Curious and analytical mindset, comfortable understanding complex application landscapes and identifying where control issues are most likely to occur.
• Strong communication skills, able to explain technical issues in a straightforward way and influence stakeholders at different levels.
• Organised, reliable and able to manage several pieces of work at the same time while maintaining quality and meeting deadlines.

If you are an experienced IT Audit specialist who enjoys working with business applications and wants a visible, impact-driven role, please apply with your CV or reach out directly for a confidential discussion.