Job Description – Summary of the position
We are currently recruiting for an Internal Auditor to be based in the Operational Audit department within the Governance, Risk and Compliance function. The successful candidate will have a strong background in operational audit of Information Security controls. Knowledge of ISO27001 is desirable.
This hands on role is responsible for coordinating and carrying out internal audits to provide independent assurance of the effectiveness of internal controls, customer requirements and applicable international standards, such as ISO27001.
We are looking for an experienced professional with a relevant internal audit background to enhance the function within the company. It is essential that the candidate has a pragmatic and detailed approach as well as extensive auditexperience ideally gained in an IT or service provider company where they will be familiar with typical controls in a technical environment. The role has a broad scope with exposure to an extensive range of business operations and it is essential that the candidate has an excellent appreciation of key business functions in a commercial environment.
The role is likely to require travel between our US and Canadian offices. Some additional international travel may also be required, in particular Latin America.
· Operate and maintain a rolling internal audit program for all management systems
· Assist in development and review of the audit plan, making updates and adjustments as required
· Create high quality auditreports and present these to the business in writing or orally
· Through internal audits, continuously assess departmental processes and consequently support their re-definition/streamlining to achieve greater operational efficiency and effectiveness
· Support the business in defining appropriate corrective actions to resolve any reported non-conformances
· Monitor the timely resolution of any reported non-conformances, ensuring non-conformances are appropriately progressed and closed
· Assist with ensuring the company's continued compliance withISO27001 standards, managing the systems and documentation to ensure all requirements are met
· Assist with continued certifications to ISO27001, SSAE16/ISAE3402 SOC Type II, and maintain relationships requiredwith relevant external auditors
· Assist with the handling of all other external audits and responses to customer's enquiries
· Excellent internal auditexperience, ideally gained in software or IT related businesses
· ISO27001experience desirable
· Experienced in SSAE16/ISAE3402
· Ability to manage time and workloads to ensure the smooth and efficient running of the internal audit system
· Ability to communicate confidently and concisely using business acumen
· Ability to create and maintain strong working relationships internally and externally
· Flexible to changing priorities, balanced with business pragmatism to make compliance common sense and accessible
· Attention to detail and an ability to gather, analyze and evaluate facts