IT Auditor (f/m/d)
As IT Auditor you will support the IT section of the global Internal Audit function, involving primarily the planning, execution and finalization of complete or selected areas of IT related internal audit assignments. You will identify risks and weaknesses and provide recommendations in order to enhance the effectiveness and efficiency of processes and controls in the IT area.
Key responsibilities:
- Execute reviews of complete or selected areas of IT audit units, as well as consulting/ advisory engagements related to IT; finalize and document results formally, including corresponding discussions with senior IT management; regularly follow-up and report on the status of implementation of IT audit recommendations
- Cooperate with other team members and assist the Head of Internal Audit in various IT audit related tasks, including preparation of IT risk assessments, maintenance of corresponding IT audit universe and development of IT audit plans
- Maintain regular contact with the IT organization and its leadership team
Candidates with exposure/expertise in the following areas preferred:
- Solid knowledge and hands on experience regarding major Enterprise IT technologies and platforms (AD, Exchange, SaaS, SoC, etc.)
- Working knowledge of scripting languages, ability to read and review code (scripts, SQL, basic understanding of programming languages, etc.)
- Familiar with SDLC methodology, operating systems, DB platforms, web application architecture
- Competent knowledge of audit standards; CISA a plus (mandatory completion latest during first year of employment)
Minimum Required Qualifications / Skills:
- Bachelor’s Degree IT / Computer Science or related technology field
- Mandatory experience in IT auditing as well as demonstrated proficiency in IT operations, with advanced years of combined experience
- Competent knowledge of Enterprise IT governance and IT risk management and IT risk assessment processes, Information Security operations, policies and procedures; expert in ITGC audits (security, change management, disaster recovery, data center, infrastructure etc.)
- Understanding and/or experience of Enterprise IT Operations (Service Delivery, Infrastructure, Project Management, Outsourcing, Asset Management, etc.)
- Excellent knowledge of IT control frameworks (e.g. COBIT, ITIL) as well as good understanding of IT security frameworks such as ISO, NIST (knowledge of IT Security program development and processes a plus)
- Hands on experience with network reconnaissance (up to penetration testing) and related tools (port scanners, packet sniffers, Kali Linux etc.)
- Experienced in internal/external auditing of processes in manufacturing industry; additional prior experience in other business activities/functions preferred
- Good analytical skills, risk focused, target and deadline oriented, result driven and solution developer, motivated self-starter; good communicator
- Leadership capabilities and potential to develop career further within the Lonza Group after 3-4 years in internal auditing
- Travel requirements approximately 10-20%
Every day, Lonza’s products and services have a positive impact on millions of people. For us, this is not only a great privilege, but also a great responsibility. How we achieve our business results is just as important as the achievements themselves. At Lonza, we respect and protect our people and our environment. Any success we achieve is no success at all if not achieved ethically.
People come to Lonza for the challenge and creativity of solving complex problems and developing new ideas in life sciences. In return, we offer the satisfaction that comes with improving lives all around the world. The satisfaction that comes with making a meaningful difference.