IT Controls Assurance Manager

Ocado
North Mymms, United Kingdom
30 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

North Mymms, United Kingdom

Tech stack

Microsoft Access
Artificial Intelligence
Amazon Web Services (AWS)
Azure
Software as a Service
Control Objectives for Information and Related Technology (COBIT)
Computer Security
Identity and Access Management
Information Technology Audit
IT Management
IT General Controls (ITGC)

Job description

Ocado Retail has a modern IT estate, operating a cloud-first IT strategy with a preference for SaaS solutions, and operates a federated governance model across those SaaS solutions. As the IT Controls Assurance Manager, you will work directly with the Data & IT Governance Lead as a key figure in safeguarding Ocado Retail's technology landscape. You will be responsible for executing and managing the IT control assurance program across all IT solutions, and for periodically reviewing and developing the IT Controls Framework. This role is critical in providing executive management and external auditors with confidence in the design and operating effectiveness of our IT control environment. The role will give the right applicant a huge level of visibility across our IT estate, and the opportunity to work with a diverse range of stakeholders across IT, information security and the wider business.

What you'll do

  • Lead the ongoing delivery of a robust, risk-based IT Controls Assurance Framework, aligned with key industry standards (e.g., ISO 27001, NIST, COBIT) and regulatory requirements (e.g., GDPR, UK Corporate Code of Governance).
  • Orchestrate and support the self-assessment of IT controls by solution owners across IT and the wider business, and plan and execute periodic control testing and assurance reviews to evaluate design and operational effectiveness.
  • Manage the tracking and timely remediation of control deficiencies, working closely with control owners and solution owners to ensure sustainable and effective fixes.
  • Maintain the central repository of control documentation, testing evidence, and risk profiles.
  • Develop and present clear, concise, and actionable reports on the status of the IT control environment to senior leadership and relevant governance committees.
  • Act as a key point of contact for external auditors and internal audit teams regarding IT controls.

Requirements

  • Proven experience in an IT Audit, IT Risk Management, or IT Controls Assurance role, ideally within a large, complex, and fast-paced retail or financial services environment.
  • Deep knowledge of IT control frameworks, including hands-on experience in testing the design and operating effectiveness of IT Controls (e.g., Identity and Access Management, Change Management, Logical Access, Backup and Recovery).
  • Excellent written and verbal communication skills, with the ability to translate technical control issues into business-relevant language for executive audiences.
  • Strong understanding of current and emerging technologies and their associated risks, including cloud environments (e.g., Google, Azure, AWS), SaaS, and AI.
  • Relevant industry certification (e.g., CISA, CISSP, CRISC) and experience using GRC tooling (e.g., OneTrust) would be beneficial.

About the company

Our mission is to deliver joy in every shop, through unbeatable choice, unrivalled service, and reassuringly good value. We're Ocado Retail, a market-leading joint venture between Ocado Group and M&S, and the world's largest dedicated online supermarket, ocado.com. Not only is Ocado.com the only place to shop a full range of M&S food online, it's also the home to the widest online supermarket range in the UK and champion of small, independent brands. We're also the brains behind Zoom by Ocado, our same-day grocery delivery service.

At Ocado Retail we're passionate about building careers and skills by giving people access to new and diverse opportunities. If you don't tick all the boxes above but have a solid IT background, a curious mindset, a passion for learning and adaptable skills to bring to the role, we still want to hear from you!

What's in it for you

By joining Ocado Retail, you'll have the chance to experience life at the world's largest online retailer, work with an amazing bunch of people who challenge what's possible each day, and grow your skills and career in online retail. If that's not enough to tempt you, you'll also get access to loads of great benefits to sweeten the deal. Here's a taste of what we offer:

  • Health & Wellbeing: Private medical insurance with option to add your family, Digital GP appointments, market-leading family policies, mental health support, discounted gym memberships, dental insurance, and more.
  • Spend & Save: Annual bonus scheme split between personal and business objectives, recognition with reward platform, up to 7% matched pension contributions, 15% Ocado discount, 20% M&S discount, free breakfast every day in the office, electric vehicle leasing scheme, and free shuttle bus from Hatfield station to the office.
  • Never miss the moments that matter: Hybrid working, 26 days holiday plus 8 flexible bank holidays, options to buy extra holiday, 2 weeks work from anywhere, and lifestyle break opportunities.