IT Audit Manager
Today, Lonza is a global leader in life sciences operating across three continents. While we work in science, there’s no magic formula to how we do it. Our greatest scientific solution is talented people working together, devising ideas that help businesses to help people. In exchange, we let our people own their careers. Their ideas, big and small, genuinely improve the world. And that’s the kind of work we want to be part of.
As an IT Audit Manager you will lead the IT section of the global Internal Audit function, involving primarily the planning, execution and finalization of IT related internal audit assignments. You will identify risks and weaknesses and provide recommendations in order to enhance the effectiveness and efficiency of processes and controls in the IT area.
Lead , execute and finalize IT audit assignments as well as consulting/ advisory engagements related to IT
Assist Head of Internal Audit in various IT audit related tasks, including preparation of IT risk assessments, maintenance of corresponding IT audit universe and development of IT audit plans
Maintain regular contact with the IT organization and its leadership team; represent a sparing partner for IT management and regularly follow-up and report on the implementation of IT audit recommendations
Manage and develop one direct report; guide and train team members assigned to the individual engagements; supervise occasionally external specialist supporting an assignment with required expertise
Bachelor’s Degree IT / Computer Science or related technology field
Significant experience in IT auditing as well as demonstrated proficiency in IT operations
Competent knowledge of Enterprise IT governance and IT risk management and IT risk assessment processes, Information Security operations, policies and procedures; expert in ITGC audits (security, change management, disaster recovery, data center, infrastructure etc.)
Understanding and/or experience of Enterprise IT Operations (Service Delivery, Infrastructure, Project Management, Outsourcing, Asset Management, etc.)
Excellent knowledge of IT control frameworks (e.g. COBIT, ITIL)
Solid knowledge and hands on experience with implementing or managing major Enterprise IT technologies and platforms (AD, Exchange, SaaS, SoC, etc.)
Good understanding of IT security frameworks such ISO, NIST (knowledge of IT Security program development and processes a plus)
Hands on experience with network reconnaissance (up to penetration testing) and related tools (port scanners, packet sniffers, Kali Linux etc.)
Working knowledge of scripting languages, ability to read and review code (scripts, SQL, basic understanding of programming languages, etc.)
Familiar with SDLC methodology, operating systems, DB platforms, web application architecture
good level of understanding of standard business processes like S2P, OTC, R2R
Competent knowledge of audit standards; CISA certification a must, further certifications (CIA, CPA, CISM etc.) a plus
Good analytical skills, risk focused, target and deadline oriented, result driven and solution developer, motivated self-starter
Very good communicator on all levels (within team, as team lead, with all levels of IT organization as well as HQ management)
Leadership skills and potential to develop career further within the Lonza Group after 3-4 years in internal auditingTravel requirements approximately 20-30%
Every day, Lonza’s products and services have a positive impact on millions of people. For us, this is not only a great privilege, but also a great responsibility. How we achieve our business results is just as important as the achievements themselves. At Lonza, we respect and protect our people and our environment. Any success we achieve is no success at all if not achieved ethically.
People come to Lonza for the challenge and creativity of solving complex problems and developing new ideas in life sciences. In return, we offer the satisfaction that comes with improving lives all around the world. The satisfaction that comes with making a meaningful difference.