IT Audit Manager, Kraków
IT Audit Manager
OANDA’s Internal Audit function is responsible for providing risk based internal audit and advisory services to provide assurance on effective risk management and control regarding OANDA’s operations, regulatory compliance, assets, reputation and financial management.
The Audit Manager performs effective planning and execution of operational and IT audits of various complexity, ensuring that audit activities are consistent with Company policies and recognized international auditing standards. For lengthy and complex audit assignments, he will be able to draw upon the support of a team of Assurance Analysts/ consultants.
Responsibilities will include:
- Independently plan and execute IT audits and business process audits, including reviews of IT project executions, applications, security, systems availability, data integrity, and infrastructure according to the annual Audit Plan and audit methodology.
- Work with the IT teams to identify and assess risk associated with the Company’s Information Technology environment.
- Conduct IT risk assessments on business and operational processes, procedures, and policies.
- Perform audits in compliance with internal auditing standards, best practices, and relevant frameworks such as: COBIT, ISO, NIST
- Draft formal audit/review reports concerning audit findings and recommendations and present the findings to Senior Management during the engagement closing meetings.
- Maintain audit issues log and perform regular follow-up with responsible individuals to ensure management’s timely completion of the remediation action plans.
- Work closely with management on findings closure to actively identify challenges and gaps.
- Liaise with external auditors to facilitate the external auditing process.
Qualifications and knowledge expected include
- Undergraduate degree in Finance, computer science or information technology related field.
- Certified Internal Auditor (CIA)/ Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) designation.
- Knowledge of reference IT risk and control frameworks, such as COBIT, NIST and ISO 27001/2.
- Working knowledge of accounting standards such IFRS/IAS
Experience requirements include
- 5 years of operational and IT Audit experience dealing with various areas such as- infrastructure management (e.g., network, OS Linux, Windows), databases (DB2, MYSQL, Cassandra), IT operations, logical access management (e.g., Active Directory, LDAP user management and applications access management) configuration, change management, incident and problem management, and disaster recovery management.
- Experience with IT and operation risk assessment process and the ability to form an opinion on risks and controls relating to systems and IT infrastructure, including impact to supported business areas.
- Experience with auditing large scale projects.
- Knowledge and experience in the use of data analysis tools (e.g., ACL/ Resolver) is required. Alternatively, some knowledge in scripting using Python/SQL is required.
OANDA Global Corporation is a diverse and global team with offices around the world. We value the unique skills and experiences each individual brings to OANDA. We are committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate. We provide an inclusive and accessible environment for everyone.
Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment and selection process, please let us know. We will work with you to provide as seamless a recruitment experience as possible.