IT Auditor

Job description

The IT Auditor is primarily responsible for conducting a variety of IT audit assignments on a global or local scale in the areas of Data, IT Applications, IT Operations and Cybersecurity to independently assess the adequacy of the control environment and key controls design and effectiveness, and support the Group development strategy in a dynamic and evolving Technology & Data landscape.

Background: 

·  3 to 6 years of professional experience in an IT audit related role, ideally in a multinational company within a regulated financial services environment and/or in an auditing firm.
·  Master’s degree in IT Audit, Computer Science or similar
·  Professional credentials (e.g., CISA, CIA, CISSP, CFE or equivalent) or professional qualifications (ITIL, Project Management) are seen as a strong plus.

 

Personal Competencies:

·  Utmost ethics and integrity
·  Excellent level of English required (as the majority of oral and written communications are in English), as well as in French
·  Strong communication and interpersonal skills, as well as the ability to work with different cultures.
·  Strong analytical skills, good overview, critical sense and ability to deal with complex issues and influence change.
·  A team player who can also work independently and rigorously in accordance with IIA Standards.
·  Position based in Paris 16th district with travel globally up to around 20% (Americas, Europe, Asia).

 

Technical Competencies:

·  Knowledge of auditing either Cybersecurity, technology Infrastructure (including databases, operating systems and networks), application development or project management.
·  Knowledge of technology risk management principles and an understanding of relevant standards like COBIT, ITIL, ISO 27001 and NIST Cybersecurity Framework.
·  Knowledge of emerging IT Risks, internal audit trends and best practices.
·  Strong interest in new technologies (Artificial Intelligence, Machine Learning, Big data and Data Science, Robotics, etc.)

Under the supervision of the Deputy Head in charge of IT Audit:

·  Understand the business and technology environment; partner with stakeholders to provide relationship management of the associated risk and control environment
·  Execute the IT audit programs in accordance with internal audit policies, procedures, methodologies, regulatory requirements and the Standards for the Professional Practice of Internal Auditing.
·  Assess the design and operating effectiveness of IT General and Application Controls (ITGC, ITAC) through inquiry, observation, and inspection testing
·  Proactively seek ways to make the best use of data as part of our IT audit process including to inform our understanding of risks, test controls and provide relevant insights to the business
·  Provide input and assist in the identification of relevant IT standards (COBIT, ITIL, ISO 27001 and NIST Cybersecurity Framework) and regulatory requirements for incorporation as part of the audit scope and work program.
·  Deliver on time, high quality audits, reviews, and advisory projects, with participation in all phases: planning/scoping, fieldwork, and reporting
·  Communicate and discuss findings with business unit management
·  Develop audit reports which identify deficiencies and underlying root causes; provide recommendations to mitigate/address deficiencies while adding value
·  Conduct research and successfully complete assigned training requirements necessary to maintain relevance.
·  Work closely with Group Tech & Data Departments and business units at all levels to develop recommendations for audit findings, business process optimization, internal control and compliance
·  Conduct follow-up reviews of recommendations noted during audits.