Senior Internal Auditor – Technology Ref. 2297

Disability confident leaderThe Prince's Responsible BusinessSocial Mobility Foundation Award

Finance, Audit and Procurement
Cheltenham, Central London
Central London: £52,171, Cheltenham: £50,639

MI5, MI6 and GCHQ help protect the UK and UK interests from threats to national security at home and abroad. We work closely as partners in the intelligence community to safeguard Britain’s people, interests and businesses from various threats including cyber-attacks, espionage, terrorism, and organised crime.
We currently have a vacancy for a Senior Internal Auditor in our IT Audit team. This role sits within our Internal Audit and Consultancy function - a diverse team that works as a trusted business partner with the agencies: protecting value, delivering insight, and developing talent and future leaders. We have privileged exposure to the work of the community as a whole and take pride in delivering high quality and impactful work, while continuously seeking opportunities to innovate our ways of working. It’s challenging, varied and meaningful work that you simply won’t find anywhere else. Find out more about our internal audit team here.

We’re looking for a committed Senior Internal Auditor to support the Deputy Head of Internal Audit for Technology. In this role you’ll manage and deliver internal audit assurance and advisory work to MI5, MI6 and GCHQ at pace, covering a wide range of topics. Your remit will focus on technology and how technology supports a range of business areas such as operations and corporate services. This will include topics that are truly unique to the intelligence community such as reviews of mission focused capabilities and adherence to the legal framework underpinning our mission work.

It goes without saying that your contribution will make a real difference. You’ll provide customers with high quality assurance, advisory and investigatory services that help strengthen and enhance our risk management, governance, and internal control arrangements.
You’ll be working on a variety of complex audits and assignments, which could range from leading and overseeing a small team to deliver a project, to conducting independent reviews to quality, budget and agreed timescales.
In line with our focus on developing talent and future leaders, career progression and development opportunities will form an important part of this role.

You’ll have a diverse and broad technology background. We particularly value experience and expertise in relation to cyber security, ITGC, change management, technology infrastructure, cloud computing and service management. You’ll also possess audit experience across data governance, data privacy and data security. Most importantly, you’ll be passionate about learning and keeping up to date with emerging technologies and trends.

Additionally, you’ll be able to understand and evaluate business arrangements quickly and be a credible communicator who can interact with staff at all levels across the organisation - taking a lead role when communicating to senior stakeholders. As a Senior Internal Auditor, you will also manage a small number of newly qualified Internal Auditors.
•    A CISA qualification or equivalent and possess an in-depth knowledge and experience of technology auditing. A qualification in internal audit (e.g. IIA or equivalent) is desirable.
•    A solid and demonstrable internal audit and risk management background in the public and/ or private sector.
•    Experience of performing complex, high and medium risk technology focussed internal audits, and confidence in navigating grey areas.
•    A broad knowledge of technology risks and controls, including core cyber security controls and technologies, operational resilience frameworks and practices, including cloud technologies.
•    Knowledge and experience of applying audit testing methodologies, data analysis, root cause analysis and strong report writing skills. This should include the ability to review the design of control processes and their operating effectiveness, while continuously looking at ways to improve the efficiency and effectiveness of these processes.
•    An ability to lead small teams to deliver a portfolio of audit assignments and manage competing priorities and deliver audit work at pace, to time and quality commitments.
•    The ability to engage and build relationships with internal and external stakeholders. This should include experience of successfully negotiating and communicating with customers at all levels within the organisation, to deliver difficult messages and influence change in a collaborative way.
•    A proactive mindset, and able to identify methods or approaches to continuously improve internal audit capabilities and ways of working.
•    Demonstrable people management experience.
•    Experience of data analytics, including use of SQL and / or VBA excel to query data and use of data visualisation software such as Qlik Sense, Tableau or Power BI is desirable, but not essential for this role.
•    Experience of providing assurance over change and transformation programmes is also desirable, but not essential for this role.


•    25 days annual leave (rising to 30 days after 5 years’ service) and 10.5 public and privilege holidays
•    Financial support for learning and development
•    Interest free season ticket loan
•    Excellent pension scheme
•    Cycle to work scheme
•    Subsidised gym, restaurant and coffee bar
•    Flexible Working opportunities

At MI5, MI6 and GCHQ we’re proud of our inclusive and supportive working environment that’s designed to encourage open minds and attitudes. As an organisation that values and nurtures talent, we’re committed to helping you fulfil your potential. With comprehensive training and development opportunities, tailored to your needs and the requirements of your work, we’ll enable you to flourish in your role and perform to the very best of your abilities.
Although you’ll be based in London or Cheltenham, travel within the UK is essential, with a possibility of occasional overseas travel. You will also need to live within a commutable distance of your work location. We do not cover relocation costs but there will also be the opportunity to work from home during part of your working week.


We have a serious job, but that doesn’t mean we’re serious all the time. Everyone’s called by their first name and as we work in a collaborative environment, friendships develop – perhaps because we can talk about our work with each other, but mainly because we’re a welcoming bunch. It’s a very supportive place to work and teamwork really is key.

It’s also important that everyone has a good work-life balance. That’s why in this role we offer compressed hours and flexible working.

We also work hard to ensure our people can bring their whole self to work. Aside from fostering a welcoming, supportive, and open culture, we’ve got a range of growing affinity groups.

Find out more on our diversity pages.

You’ll also find a range of sports and social groups to help you settle in and connect with people with similar interests. In fact, we’ve won numerous awards for our inclusive working environment.


To work at MI5, you need to be a British citizen. We do have a strict drugs policy, so once you start your application, you can’t take any recreational drugs and you’ll need to declare your previous drug usage at the relevant stage.

Honesty and integrity are important qualities that we look for in our staff. Take some time to read about the vetting process and make sure you meet the criteria in the vetting pages of the ‘Applying for Jobs’ section.

The process can take some time, but this is just because it’s thorough. Giving misleading information and omitting or concealing information during the recruitment and vetting process is viewed very seriously.

Due to the sensitive nature of our work, you’ll need to be discreet, and you should not discuss your application, other than with your partner or a close family member. If you join us don’t worry - while you can’t tell your wider family and friends what you do, you can continue to use social media and lead a completely normal life.


We’re proud to be a ‘Disability Confident’ organisation and have achieved ‘Leader’ status within the Department for Work and Pension’s scheme. We ensure that a fair and proportionate number of disabled applicants that meet the minimum criteria for this position will be offered an interview, (this is known as Offer of an Interview). To secure an interview for this role, the minimum criteria (in order of application process) are:

Eligibility Questions - You will be asked a series of questions relating to this vacancy. If you meet the criteria, you will be directed to the application form.
On successful completion of this application form and passing the application sift, you will be invited to a video interview. This is our ‘offer of interview.’

The first thing we will ask you to do is complete our pre-screening questions to find out if you meet our initial criteria. If you do meet these criteria, we will then ask you to fill out a full application form where you will need to create a log in and provide your full name, email address and a memorable password.

Our recruitment team will conduct a sift of your application and successful applicants may be invited to a short video interview that will explore your audit experience and interest in the role. All successful applicants who pass this stage will be invited to a final online interview where you will have the opportunity to demonstrate key behaviours relevant to the role.

If you pass the final online interview, we will then start the vetting process, which includes a Security Interview. This interview is an important part of the selection process. It’s an interview to explore your life and experiences, and it’s not a competency or capability-based interview. We have taken appropriate measures to ensure that our buildings are COVID secure, and this interview will take place in line with current government guidance around social distancing and COVID procedures.

Please note, you must successfully pass each stage of the process in order to progress to the next and your application may take around 6 - 9 months to process.


At MI5 diversity and inclusion are critical to our mission. To protect the UK, we need a truly diverse workforce that reflects the society we serve. This includes diversity in every sense of the word: those with different backgrounds, ethnicities, gender identities, sexual orientations, ways of thinking and those with disabilities or neurodiverse conditions. We therefore welcome and encourage applications from everyone, including those from groups that are under-represented in our workforce.

Eligibility Criteria

To be eligible to apply, you must be a British Citizen. One of your parents must be a British Citizen or must have one of the nationalities or citizenships from one of the following: British Overseas Territory, British Subject, British National (Overseas), British Overseas Citizen, British Protected Person, citizenship of a country in the Commonwealth, citizenship of a country in the European Economic Area (EEA), or citizenship of the United States of America (USA). If deceased, they should have had such citizenship or nationality before death. If you hold dual nationality, of which one component is British, you will nonetheless be considered. If successful, you will not normally be required to give up your non-British citizenship but, as a condition of your employment or secondment, MI5 may impose restrictions on your postings, work travel and/or general use of that nationality. Candidates must normally have been resident in the UK for seven out of the last ten years. This is particularly important if you were born outside the UK. Each case will be carefully considered on its own facts. You can apply at the age of 17 years and 6 months, if successful you will not be offered a start date prior to your 18th birthday. Discretion is vital. You should not discuss your application, other than with your partner or a close family member. Please note, you should only launch your application from within the UK. If you are based overseas, you should wait until you visit the UK to launch an application. Applying from outside of the UK will impact on our ability to progress your application. Further information on our eligibility criteria can be found on the Applying section.

Please be aware that we withhold the right to bring forward the closing date for this role from the original closing date once a certain number of applications have been received. Please be mindful of this and submit your application at your earliest convenience to avoid disappointment.

This Program / Vacancy is closed to applications.