IT Internal Audit Manager

at  Straumann Group

QUALIFICATIONS:

• Understanding of Governance, IT Risks and Controls, system architecture (Linux, Windows) and programming fundamentals, network ports, protocols, architecture, information security architecture, cloud computing (AWS, M365), etc.
• Experience in audit or advisory exposure in the area of digital transformation (Cloud, Information Security, etc.)
• Customer-focused, collaborative, flexible, persistent, and results-oriented with good communication and interpersonal skills.
• Very good know-how of SAP FICO module and any other ERP are a plus.
• Strong knowledge of internal auditing standards, principles, and practices.
• Trained as IIA quality assessor is a plus.
• Fluent in English - German and any other language is an advantage.
• Willingness to travel globally approx. 40%.
• International work experience, preferably in a listed company.

EDUCATION:

• Bachelor’s Bachelor’s/ master’s degree in Information security along with professional certification CISA, CISM, CISSP, ISO 27001 Lead Auditor, CGEIT, CIA, etc.
• Fluent in English - German and any other language is an advantage.
• Willingness to travel globally approx. 30-50%.

EXPERIENCE:

• Minimum of 6-8 years of IT audit-related experience, preferably 4-5 years of experience in the Big 4 environment.
• International work experience, preferably in a listed company.
• Experience with data analytics and audit management software is a plus.

JOB PURPOSE

As an IT Audit Manager, s/he will plan and lead engagements to evaluate IT processes and security controls based on frameworks and standards such as NIST and ISO 27001. S/he will perform IT compliance assessments based on industry standards and regulatory requirements. In this role, s/he will partner with IT management and technical leads in analyzing control deficiencies and developing remediation plans to strengthen Straumann’s Internal Control System.

MAIN TASKS AND RESPONSIBILITIES:

• Plan and execute IT audits across the organization, document and report audit results in accordance with professional standards for internal auditing.
• Establish and maintain IT senior management relationship.
• Evaluate the efficiency, effectiveness, and compliance of operation processes with corporate IT policies and related compliance regulations and assist Internal Control Team to implement governance where it doesn’t exist.
• Assess the exposures resulting from ineffective or missing control practices.
• Accurately interpret audit results against defined criteria.
• Provide a written and verbal report of audit findings.
• Advice management to improve IT compliance, manage risk and bolster effectiveness.
• Conduct annual IT risk assessments with management.
• Develop and execute risk-based audit plans to evaluate the effectiveness of the organization’s internal controls, risk management, and governance processes.
• Lead and conduct internal audits, including planning, scoping, fieldwork, reporting, and follow-up activities.
• Evaluate the adequacy and effectiveness of the organization’s risk management processes and identify areas of improvement.
• Assess the effectiveness of the organization’s financial, operational, and compliance controls and provide recommendations to management for improvement.
• Identify control deficiencies, develop recommendations, and work with management to implement corrective actions.
• Communicate audit findings and recommendations to management and other stakeholders in a clear and concise manner.
• Monitor and follow up on the implementation of audit recommendations to ensure that they are effectively addressed.
• Stay current with emerging trends and best practices in internal auditing, risk management, and governance.
• Support organization-wide risk assessments to identify significant risks or exposure related to internal controls or compliance with Straumann Group’s policies and procedures, laws and regulations, efficiency of operations, and accuracy of programmatic and financial reporting.
• Support the operational and business risk assessment process.
• Close collaboration and exchange of information with external auditors.
• Support initiatives and/or contribute to other internal activities.