About the role
We are recruiting a Business Assurance IT Control Consultant to support the ongoing development and assurance of the organisation’s internal control environment at a critical point in regulatory change. Reporting to the Head of Business Assurance within Finance, Internal Audit & Risk, this manager‑level role will work closely with IT and Cyber Security teams to support the design, implementation, and independent testing of IT General Controls, IT Application/Automated Controls, and cyber security controls.
The role is central to meeting the requirements of the revised UK Corporate Governance Code (Provision 29), which requires Boards to attest to the effectiveness of internal controls in the annual report. As part of the Business Assurance function, you will act as a trusted advisor to management while providing second‑line assurance over the design and operating effectiveness of key IT controls across the business.
Key responsibilities
In this role, you will act as a subject matter expert for IT controls, identifying systems and automated controls that fall within scope and advising IT and control owners on the design and implementation of effective, proportionate control frameworks. You will plan, coordinate, and perform second‑line testing of IT General Controls and IT Automated Controls using standard tools and methodologies, providing clear reporting on control status, issues, and risks to senior stakeholders and governance forums.
You will work closely with control owners to assess deficiencies, determine severity, identify compensating controls, and support remediation, while also advising on segregation of duties matters and interrogating system user roles where required. The role will support the development and delivery of training for new system and control owners, embed accountability for control ownership within the first line, and drive continuous improvement through standardisation, simplification, and effective use of automation. You will also maintain awareness of evolving internal control and governance requirements, providing business‑wide guidance and coaching, and managing audit interactions for designated IT control areas.
About you
You will be an experienced IT controls, IT audit, or risk professional, comfortable operating at Manager level and influencing a wide range of stakeholders. You will bring strong technical knowledge of IT control frameworks alongside the credibility to act as a trusted advisor to IT, Cyber Security, Finance, and senior management.
You will hold a Certified IT Auditor qualification or equivalent (such as CISA, CRISC, CISM, or ISO 27001 Lead Auditor), be educated to degree level, and have a proven track record of designing, implementing, and testing IT General Controls, IT Application Controls, and cyber security controls in regulated or SOX‑driven environments. You will be confident managing multiple priorities, working to tight regulatory deadlines, and supporting control compliance through periods of business and system change. Experience of UK Corporate Governance Code requirements, Enterprise Risk Management, ITIL, COBIT, or working within a SOX‑compliant organisation is desirable.
Skills and behaviours
You will demonstrate strong strategic and analytical thinking, with a methodical and organised approach to delivery. Excellent communication and stakeholder management skills are essential, along with the ability to influence, coach, and support others. You will be adaptable, proactive, and comfortable working autonomously, with a highly committed and solution‑focused mindset.
Additional information
This is a 12‑month fixed‑term contract with occasional travel to other UK sites, and a full UK driving licence is required. Standard working hours are 39 per week (Monday–Thursday 08:00–17:00, Friday 08:00–13:00).
Belong at Aston Martin
We understand that the incredible beauty, craft and art that defines an Aston Martin comes from the inclusion of our amazing people.
We welcome the unique contributions that you can bring in terms of your education, opinions, culture, ethnicity, race, sex, gender identity and expression, nation of origin, age, languages spoken, colour, religion, disability, sexual orientation and beliefs. We celebrate diversity and are seeking applicants who can bring something different. Please speak to us if there is anything you need to support making an application with us.
The post holder will be required to comply with all policies and procedures issued by and on behalf of Aston Martin Lagonda ltd
