IT & Security Auditor

Context:

Within the Bucharest Hub of Société Générale Group Audit division, our team is in charge of the internal audit of information technologies and cyber-security for entities in Romania (BRD, SG European Business Services etc) but also Group Banks in regional area (8 countries).

Information technologies are critical resources for our activity. You will join our internal audit team to identify IT & cyber security risks and to build up recommendations in order to mitigate them to an acceptable level. This includes broad range of risks in areas such as alignment between IT and Business strategies, strong focus on IT security and information protection, backup and IT continuity management, application development, IT projects, etc.

Main responsibilities

As part of the internal audit team, you will intervene from the initial diagnosis of situation to the writing of report and oral restitution to stakeholders including top management. Your main goals will be for instance to:

• Understand and analyze an IT department, an application, a project or thematic area in term of risks;
• Gather required and relevant data for the mission, in compliance with confidentiality and ethic rules;
• Perform technical and organizational controls to assess the importance of risks;
• Define areas of improvement and propose solutions, formulate relevant recommendations;
• Manage the relationship with the audited entities with diplomacy while remaining independent;
• Ensure the follow-up of issued audit recommendations until risk coverage.

For senior auditors acting as Head of audit missions, you will lead teams of auditors on local or international assignments. You will be responsible for:

• Definition of mission’s objectives and structuring of audit approach; assignment of tasks to the team members and management of priorities, budget and planning;
• Management of your team and skills development;
• Overall identification and assessment of key risks related to mission’s topic;
• Ensure the quality of deliverables, the relevance and the traceability of the investigations carried out by your team, and finally the presentation of conclusions to the top management.

Candidate profile:

The following criteria constitute core pre-requisites for our IT Audit position:

• Strong IT background allowing deep understanding of the information technology and IT security area.
• Curiosity and ambition to work in an international environment (this requires travelling, up to 20% of time). Your abilities to adapt yourself, your sense of organization, and your management of priorities have been demonstrated during your previous positions.

• Excellent level of English and communication, both in written and orally. You have shown abilities to exchange with ease with different levels of management, and you have demonstrated self-control in difficult situations.

   

Professional experience:

Ideally you have also confirmed your experience for at least 2-5 years as IT Auditor or Consultant. Ideally, you are familiar with the banking industry, or have experience within strong IT department, IT consulting firm or Information security risk management.

Certifications are considered a plus (ex. CISA, CISSP, ISO2700x, COBIT a.s.o.), as well as good knowledge of local regulations related to information protection, IT and cyber security.

Offer:

• Opportunity to work in a professional and multicultural team;
• International travels - This job is located in Bucharest and includes travels for abroad missions.

• Interesting career development options with potential of personal growth and mobility within the Group