Scope

• Lead risk-based IT & Operations audits covering governance, security, infrastructure, and application controls.
• Drive SOX/J-SOX readiness with strong focus on IT General & Application Controls.
• Enhance audit efficiency through automation, dashboards, and advanced data analytics.
• Collaborate with global teams to strengthen compliance, risk management, and continuous improvement.

What You Will Do

• Successfully participate in the planning, execution and completion of audits following a risk-based methodology in line with Division and Industry Standards as well as regulatory requirements, support recommendations for internal control improvements and preparation of audit reports providing clear messages on key risks and key audit issues.
• Participate in the planning, assessment, testing and reporting phases of audits covering IT governance, systems infrastructure, information security, application controls, and operational activities.
• Perform independent and objective assessments of risks and controls to improve risk management practices and assess controls for compliance with laws, regulations, company policies and business needs.
• Prepare or review documentation of audit work in adherence with the division’s risk-based audit methodology and industry standards.
• Establish strong relationships within the Corporate Audit function.
• Develop a good understanding and knowledge base of the company’s operations and establish effective business relationships within the company.
• Gain and apply a thorough understanding of audits and assigned functions, including utilization of technology and active usage of Data Analytics.
• Demonstrate, maintain and expand your knowledge of financial and operational internal control methodologies and terminologies (e.g. COSO, COBIT), process and control industry standards, audit industry best practices and regulatory expectations, risk management practices and techniques as well as supervisory regulatory requirements.
• Perform J-SOX IT General Control and IT Application Control testing.
• Prepare the appropriate framework for the IT General Controls and IT Application Controls in a US SOX environment for the purpose of IPO readiness.
• Design and deploy dashboards for internal audit and finance functions, enhancing reporting accuracy.
• Collaborate with audit and IT teams to integrate automation tools into the existing audit infrastructure; design and deploy automation may be needed.
• Lead continuous improvement initiatives to enhance the functionality and efficiency of audit automation tools.
• Develop data analytics library for hundreds of rules and run recurring (adhoc/monthly/quarterly) analytics rules for flag exceptions.

What We Are Looking For

• Ability to work independently in an international team across multiple locations with global stakeholders.
• Thorough knowledge of the European regulatory environment applicable to financial institutions and proven ability to research, interpret and apply regulatory requirements.
• Minimum 15 years of experience with IT and Operations auditing, risk management, or IT compliance.
• Proven knowledge of Information security, system development lifecycle, IT project management and end-user computing.
• Demonstrated experience testing IT general controls and application controls including electronic authorizations, application parameters, settings and/or scripts, and access to sensitive application transactions and data interfaces.
• Bachelors degree in computer science, Information Security, Information Systems, Data Science, Accounting, or a related field, or its equivalent.
• Demonstrated knowledge of Institute of Internal Auditors, NIST, COSO, COBIT, ITIL, ISO 27001, Sarbanes-Oxley and SOC 1 / SSAE 18 standards and laws and regulations applicable to the assigned area of responsibility.
• Audit experience in public accounting or internal audit, focusing on financial service or other regulated industries.
• Industry recognized certification CISA preferred, but not required