Sr. Internal Auditor focusing on IT compliance and risk management for ISO 27001 standards. Leading internal audits and preparing for external certifications for a tech company.
Responsibilities
Plan, execute, and report on internal audits to evaluate the effectiveness, adequacy, and compliance of the organization’s Information Security Management System (ISMS) for both product ISMS and internal ISMS as per ISO 27001:2022 standards.
Conduct regular SOX activities, ITGC testing, and other IT audits as required.
Identify gaps, assess risks, and recommend corrective and preventive actions to support continuous improvement and readiness for certification and surveillance audits.
Develop and implement a risk‑based annual internal audit plan for ISMS, including audit frequency, scope, and objectives; map audit activities to the 93 controls in ISO 27001:2022 Annex A.
Conduct comprehensive ISMS internal audits covering Clauses 4–10 and Annex A controls, including technical areas (encryption, network security, access control) and organizational controls (policies, HR security).
Review ISMS documentation such as Scope, Policies, SOA, Risk Assessment, etc., for completeness and conformance to ISO 27001 requirements.
Prepare detailed audit reports for senior management and the Board, highlighting non‑conformities, opportunities for improvement, and corrective action recommendations.
Track remediation of findings, follow up with stakeholders, and verify implementation of corrective actions.
Collaborate with process owners and IT management to foster a proactive security and compliance culture.
Provide expert guidance on ISO 27001 requirements, interpretation of controls, and best practices for certification readiness.
Prepare the organization for external certification and surveillance audits, managing documentation, alignment, and audit readiness.
Conduct interviews and walkthroughs with process owners and SMEs using a consultative and evidence‑based approach.
Facilitate development of audit observations, recommendations, and corrective actions; escalate issues as appropriate.
Maintain communication with external auditors, ensuring alignment on scope, timelines, and observations.
Perform special audits as assigned by Senior Management or the Audit Committee.
Use data, metrics, and analytics to inform audit conclusions and support decision‑making.
Uphold the firm’s Code of Ethics and Business Conduct in all audit activities.
Requirements
Bachelor’s degree in Information Technology, Computer Science, Information Security, or a related field.
6+ years of experience in IT auditing with strong exposure to ISO 27001 implementation or auditing.
Strong technical understanding of:
ISO/IEC 27001:2022 and ISO/IEC 27002:2022
Risk management frameworks
IT General Controls (ITGCs)
Cloud infrastructure, IAM, and data protection mechanisms
Ability to conduct technical and organizational control testing with strong documentation and reporting skills.
Experience in Big 4 or large audit consulting environments highly desirable.
Strong communication, stakeholder management, and audit execution skills.
Ability to work independently and manage multiple audits in a fast‑paced environment.
Mandatory Certification: ISO 27001 Lead Auditor or Internal Auditor (CQI/IRCA or equivalent)