Senior IT Auditor

Job Description

The Senior IT Auditor will play a key role in ensuring CAD delivers on its mission and efficiently meets its objective. We are seeking a highly motivated and credible IT auditor to join our team who you will lead and participate in the execution of technology audits which will include, but not limited to, coordinated, IT, cybersecurity, application security, software development, data center, cloud and network security audits, ensuring compliance with regulations and policies, and identifying areas of risk within the organization. Who are you You are an expert - The successful candidate is able to apply broad technical knowledge and sound business judgment to implement IT audits and advisory projects of the technical environments at the Company, its subsidiaries and affiliates, by uncovering and exploiting any risks/vulnerabilities present across the scope of the Company s operations. Implement the assigned IT audit areas and specific elements of the risk-based audit plan in alignment to CAD s audit methodology and the Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Auditing. Summarize technical findings in concise and actionable recommendations for senior leadership, demonstrating excellent written and verbal communication skills. Perform activities that include planning and developing audit work programs, performing audit test procedures, identifying recommendations for continuous improvement, communicating results, and following up on issues reported. Prepare audit reports and work papers to ensure adequate documentation exists to support the completed audit and conclusions. Perform data analytics by demonstrating sophisticated data analytics tools. Possess a good understanding of the controls on the SAP platform (including system configurations, business process controls, SODs and system security). Stay ahead of the latest cyber security trends, regulatory requirements and audit standard processes and apply them while conducting audits. Conduct special projects to provide additional value services. You are curious - Have an inquisitive mind with an appetite for discovery. You are a continuous learner and like to keep yourself updated on the latest technical, cyber and data security, and emerging technology risks and trends, in order to apply the knowledge and insights gained while conducting the audits. You are a collaborator - Establish and maintain constructive relationships with audit engagement teams, supporting the audits in risk assessment, substantive procedures, and tests of efficiency, to provide actionable recommendations to the company s management. Build positive relationships to see opportunities for future movements and growth within the company. You are an innovator- You are a problem solver, with analytic thinking and ability to apply root cause analysis. You ll need to think strategically and leverage technology to deliver actionable insights and have a willingness to experiment and try new sophisticated digital tools and techniques. What you ll need (Required) Bachelor s degree in information technology, Computer Science, Engineering, or a related field. Minimum 5 years of relevant IT Auditing, Cyber Security or relevant fields required. Professional certifications are strongly preferred (i.e. CISA, CISSP, CISM, CCAK). Knowledge of the International Professional Practices Framework (IPPF), COBIT, NIST CSF 2.0, CIS and NIS 2 Directive. Technical Knowledge of : Databases, Network technologies - Firewall, IPS, WAF, Proxy, DLP, SOC operations, Application Security, Cyber Security, Cloud Security etc. Superb communication, interpersonal and analytical skills are required. Experience with auditing sophisticated tech including RPA, AI, ML etc. Good understanding of IT infrastructure components (including cloud platforms), cybersecurity frameworks and Operational Technology. Experience within Operational Technology (OT) Security, Process Control Network, SCADA. Proven experience in assessing risks and processes in sophisticated IT environments, including digitalization initiatives. Solid grasp of IT infrastructure components (including cloud platforms), cybersecurity frameworks and Operational Technology. Willingness and ability to travel, regionally and internationally, as needed, up to 30-40% of the time. What you ll need (Preferred): SAP Security knowledge. Experience with analytics and visualization tools (e.g. Domo, Google Data Studio etc.) is highly desirable. Experience working with cloud environments (e.g., AWS, Azure, GCP), containerization technologies (e.g., Docker, Kubernetes). Knowledge of cybersecurity principles and practices.