Info Sec Audit and Compliance SME
Field of expertise: Risk | Permanent employment
Info Sec Audit and Compliance SME
Remote within Europe (must be living and able to work in Europe legally)
We are seeking an experienced and results-oriented IS Audit Compliance SME with a strong focus on the SOX and COBIT frameworks to act as an SME for our client within the IS/IT GRC compliance program. As an IS/IT Audit Compliance SME, you will be responsible for developing and maintaining an effective IT control environment, ensuring compliance with regulatory requirements, and enhancing the overall control framework. This position offers a unique opportunity to make a significant impact on our client’s governance, risk management, and compliance efforts across multiple locations.
Responsibilities:
For more information, contact Randy Munro at Randy@summitag.ch or +41 41 588 1286
ApplyRemote within Europe (must be living and able to work in Europe legally)
We are seeking an experienced and results-oriented IS Audit Compliance SME with a strong focus on the SOX and COBIT frameworks to act as an SME for our client within the IS/IT GRC compliance program. As an IS/IT Audit Compliance SME, you will be responsible for developing and maintaining an effective IT control environment, ensuring compliance with regulatory requirements, and enhancing the overall control framework. This position offers a unique opportunity to make a significant impact on our client’s governance, risk management, and compliance efforts across multiple locations.
Responsibilities:
- Develop and execute a comprehensive IT/IS audit compliance program based on the requirements of the SOX and COBIT frameworks, ensuring alignment with industry best practices and regulatory guidelines.
- Act as an SME, providing guidance, training and advice to the 1st and 2nd lines of defence to ensure the team's professional growth and effectiveness.
- Evaluate the organization's IT risk profile, including the identification and assessment of emerging risks, and develop strategies to mitigate those risks.
- Collaborate with cross-functional teams to design and implement effective IT control frameworks, including IT general controls, application controls, and IT security controls.
- Conduct periodic reviews and assessments of IT policies, procedures, and standards to ensure compliance with regulatory requirements and industry frameworks.
- Monitor and track the implementation of control enhancements and remediation plans, ensuring timely and effective resolution of identified deficiencies.
- Drive continuous improvements across the program/company.
- Prepare and present clear and concise reports to executive management and the Audit Committee, highlighting IT control weaknesses, findings, and recommendations.
- Provide guidance and support to business units and IT teams on control design, implementation, and compliance matters.
- Foster a culture of compliance and awareness by promoting training and communication initiatives related to IT governance, risk management, and compliance.
- Bachelor's degree in Information Technology, Business administration, or Audit/Compliance. Advanced degree and relevant professional certifications (e.g., CISA, CISSP, CRISC) are highly desirable.
- Proven experience (10 years) in IT audit compliance management, preferably within a global manufacturing company.
- Extensive knowledge and expertise in the SOX and COBIT frameworks, with a track record of successfully implementing and maintaining IT controls and compliance programs.
- Strong understanding of other relevant regulations and frameworks, such as GDPR, ISO 2700x, and NIST Cybersecurity Framework.
- In-depth knowledge of IT general controls, application controls, and IT security principles, as well as experience with risk assessment methodologies.
- Demonstrated experience in leading IT audits, including planning, scoping, execution, and reporting.
- Familiarity with data analytics and the use of tools such as ACL, IDEA, or Tableau for auditing and compliance purposes is a plus.
- Excellent leadership and team management skills, with the ability to motivate and inspire a diverse team of professionals.
- Strong communication and interpersonal skills, with the ability to effectively engage and collaborate with stakeholders at all levels of the organization.
- Demonstrated ability to influence and drive change in a complex and evolving environment.
- Exceptional analytical and problem-solving skills, with the ability to think strategically and identify creative solutions to complex compliance challenges.
For more information, contact Randy Munro at Randy@summitag.ch or +41 41 588 1286