Reporting to the Delivery & Operations Governance, Risk & Compliance Director, as the Internal Auditor you will own the planning and execution of risk-based audits across our  Information Security Management Systems (ISO 27001). You will ensure sustained compliance with mandatory standards, promote continuous improvement, and provide assurance through clear, data-driven reporting. You will also support ad-hoc assurance projects and maintain awareness of additional ISO requirements to strengthen our integrated management system (ISO 14001, ISO 45001, ISO 22301, ISO 20000-1).

This is an initial 12 month fixed term contract. 

Hybrid - remote working with 2-3 days a month in Portsmouth.

1. Plan and Conduct Audits:

• Develop annual and ad-hoc audit plan for the integrated management system.
• Execute on-site and remote audits, sampling processes, controls, and records to assess conformity.

2. Report Findings and Recommendations:

• Prepare concise audit reports detailing non-conformances, observations, and opportunities for improvement, provide root cause analysis.
• Present actionable recommendations, with clear timelines and owners, to process stakeholders and leadership.

3. Follow-Up and Closure:

• Collaborate with process owners to develop corrective action plans.
• Monitor progress and verify effective remediation, ensuring timely closure of audit issues.

4. Management Review Support:

• Coordinate data collection and performance metrics for quarterly Management Reviews (Quality & Information Security).
• Draft agenda, compile meeting materials, and circulate post-meeting minutes with agreed-upon actions.

5. Policy and Procedure Maintenance:

• Review and update internal audit procedures, checklists, and other relevant documentation to reflect evolving standards and best practices.
• Ensure all policies and supporting documentation remain current and accessible.

6. Cross-Functional Assurance Projects:

• Participate in ad-hoc projects (e.g., supplier audits, business continuity testing) that require audit expertise.
• Raise risks based on audit findings.

7. Stakeholder Engagement and Training:

• Deliver engaging training and awareness workshops on ISO 9001 and ISO 27001 requirements.

Qualifications & Experience:
1. Essential:

• Minimum 3 years’ experience as an Internal Auditor or equivalent, with hands-on ISO 27001 and ISO 9001 audit delivery.
• Certified Internal Auditor (CIA), CISA, ISO 27001 Lead Auditor, ISO 9001 Lead Auditor, or equivalent.
• Proven ability to conduct risk-based audits, gap analyses, and root-cause investigations.

2. Desirable:

• Experience auditing additional ISO standards (e.g., ISO 14001, ISO 22301).
• Background in IT, software development, or managed services environments.

Key Skills & Attributes:

• Analytical Thinking: Able to interpret complex processes and data to identify control weaknesses.
• Communication: Clear and concise report writing, confident presenter in workshops and meetings.
• Organisational Excellence: Skilled at juggling multiple audit streams and meeting tight deadlines.
• Collaboration: Builds rapport quickly, influencing stakeholders to implement improvements.
• Detail-Orientation: High degree of accuracy in audit sampling, documentation, and follow-up.

Behaviours:

• Proactive: Anticipates risks and initiates audits and follow-up activities without prompting.
• Integrity: Upholds objectivity and confidentiality at all times.
• Continuous Learner: Keeps abreast of emerging standards and shares best practices with the team.
• Adaptable: Responds flexibly to changing priorities and audit scopes.

What we care about:

At Bell, we believe that we are stronger together, and promote an open, collaborative culture where everyone is encouraged to be involved in the shaping of our business.

We value diversity!

We seek to employ a workforce representative of the markets that we serve and work hard to ensure that all of our staff have the opportunity to thrive within a friendly and inclusive environment.

Why join Bell:

Why join bell:

• We prioritise internal development opportunities and offer access to our Udemy training platform with over 5000 training courses
• Competitive Salary
• Flexible remote working
• A generous company pension
• 25 days annual leave entitlement plus bank holidays and the option to purchase 5 extra days!
• Healthcare and dental insurance
• Life assurance
• Cycle to work scheme
• A diverse and inclusive work culture
• Modern vibrant workplaces
• Exclusive discounts with major retailers, discount gym memberships and access to our wellness centre