Technology Risk & Controls Assurance Analyst

Department: Technology Risk & Controls Assurance

Employment Type: Permanent - Full Time

Location: City, London

Compensation: £30,000 - £32,000 / year

The Technology Risk & Controls Assurance (TRCA) Analyst supports the delivery of technology risk and controls assurance services across financial statement audits, SOC engagements, and regulatory audits. The role provides structured exposure to IT General Controls (ITGCs), IT Application Controls (ITACs), data flows, and technology risks impacting financial reporting within a professional assurance environment.

This is an entry-level role, suitable for graduates looking to begin their career in technology assurance. You will receive structured internal TRCA training alongside supervised client delivery, enabling you to build core technical knowledge while developing practical experience in a professional assurance environment.

As part of your development, you will be supported to work towards the ISACA Certified Information Systems Auditor (CISA) professional qualification. The role is aligned to the CISA syllabus, and during your first year you will be expected to sit and pass the CISA exam within the first 18 months.

Progression beyond the Analyst grade is dependent on performance, successful completion of the required training, and passing the agreed professional exam. Ongoing development will continue beyond year one as you deepen your technical capability and client delivery responsibilities.

• Support the execution of ITGC and IT Application Control testing under supervision
• Assist with walkthroughs of business processes, systems, and controls (including documentation of narratives and data flows)
• Perform evidence collection activities (screenshots, logs, configurations, access listings, change records) and maintain robust indexing
• Prepare audit work papers in accordance with MKS methodology, ensuring review-ready documentation and clear conclusions
• Support the preparation and maintenance of Risk & Control Matrices (RACMs) and key reports/IPE listings
• Liaise professionally with client personnel to request and clarify audit evidence and resolve queries promptly
• Escalate issues, delays, or uncertainties promptly to engagement leads
• Participate fully in TRCA training and maintain completion records
• Prepare for, sit and successfully complete the ISACA CISA exam in line with role expectations

• Degree in Information Technology, Computer Science, Information Systems, Cyber Security, Engineering or a related discipline preferred; candidates from other disciplines will be considered where relevant technical knowledge can be demonstrated
• Strong analytical mindset with attention to detail and ability to work methodically
• Good written and verbal communication skills; able to document clearly and professionally
• Strong work ethic and growth mindset, with willingness to learn audit methodology and technology risk concepts
• Enthusiasm for building strong relationships and collaborating with clients and colleagues, with close support from your manager
• A proactive, results-driven attitude, ensuring excellent client service and a commitment to delivering high-quality work with integrity and professionalism
• A dedication to ethical standards, ensuring your work aligns with professional guidelines and best practices
• A commitment to understanding, built on respect, collaboration, and active listening
• Demonstrated commitment to professional development, including preparing for and completing the ISACA CISA qualification, with support from Moore Kingston Smith

• Internship or placement exposure to technology, audit, risk, compliance, or data roles
• Awareness of IT controls, assurance concepts, or cloud/SaaS environments