Job Locations NL-Rotterdam

Posted Date 2 months ago(10/04/2024 21:57)

Job ID

2023-3288

# of Openings

1

Category

Finance

PURPOSE

The purpose of this role is to perform IT audits of SITA corporate procedures, processes and sites throughout the world and to prepare factual audit reports and communications informing management and stakeholders of risk areas and issues identified.

KEY RESPONSIBILITIES

• Perform independent IT audits in accordance with the audit schedule approved by the Audit and Risk Management Committee or in response to a Management request
• Prepare for independent audits and field work with the purpose of evaluating
  • IT and/ or Cyber Security processes as well as the design, implementation and operating effectiveness of associated controls
  • Compliance with applicable IT, Cyber and/or Data Protection laws regulations and internal procedures.
  • Compliance with IT, Cyber and/or Data Protection standards (e.g. ISO 27001, NIST, ITIL, ...)
• Lead and/or participate in IT and Cyber Security audit projects
• Communicate the status and results of audit work to the auditees and prepare factual reports to inform management on issues;
• Formulate and agree with auditees on implementation schedules to rectify control anomalies and weaknesses and introduce improvements
• Promptly inform management of any critical issues and lapsed deadlines
• Detect areas of potential risk exposure prioritize according to the level of risk and help determine which areas need to be included in the annual audit schedule
• Support the internal audit team by reviewing information flows and systems
• Contribute to the development of audit methodology and tools such as audit programs and risk assessment tools
• Follow up on implementation of audit recommendations to ensure added value is brought to the company.

EXPERIENCE

• 2-4 years experience in external/internal IT auditing.
• Assurance services and SOC1 / SOC2 reports (e.g. ISAE 3402, ISAE 3000, SSAE16, SSAE18)

NICE-TO-HAVE SKILLS

• Good knowledge of IT standards (e.g. ITIL v4, ISO 20000, ...)
• Good knowledge of Cyber Security subject matter as well as associated standards (NIST, ISO 27001, ISO 27002, ISO27017)
• Good knowledge of Control Objectives for Information and Related Technology (COBIT)
• Experience of IT Auditing as well as corresponding risk and control management
• Experience with Data Privacy and Data Protection (e.g. GDPR, ...)
• Knowledge of Business Continuity Management (e.g. ISO 22301) is a plus
• Good spoken and written English; other languages a plus
• Cross cultural awareness
• Relationship management skills
• Able to exercise good judgment
• Solution oriented
• Knowledge of Institute of Internal Auditors (IIA) standards
• Able to travel and work globally
• Knowledge of ATI business sectors and core processes is a plus

PROFESSION COMPETENCIES

• Attention to Detail - Ability to focus on risks and what matters for the organization
• Audit (Risk and Internal Control)
• Business Acumen
• Negotiation
• Project Management
• Risk Analysis

EDUCATION & QUALIFICATIONS

• Bachelor degree in Information Technology and/or Cyber Security

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.

Share on your newsfeed