Expert IT Auditor

Job Description

This role focuses on conducting comprehensive IT internal audits to evaluate internal controls, operational processes, and compliance with regulatory requirements. Key responsibilities include identifying areas of IT risks, ensuring IT processes are effective, and recommending improvements to close control gaps and/or enhance efficiency.

The Expert IT Auditor will report directly to the IT Audit Manager while auditing more complex areas as well as conducting simpler audits independently. In this position, the Expert IT Auditor will also support junior team members, providing guidance and mentorship to help them develop their auditing skills.

The role involves preparing detailed audit reports, summarizing findings and proposing recommendations for Senior Management and the Audit Committee.

What does this role involve:

• Conducting IT Audits and Assessments

  • Performing comprehensive audits of information systems, internal controls, operational processes, and compliance with regulatory requirements.

  • Evaluation of the efficiency and effectiveness of internal control systems and recommending improvements.

• Risk Mitigation

  • Identification and assessment of areas of significant business and IT risks, ensuring that risk management processes are robust and effective.

• Reporting and Documentation

  • Preparation of detailed audit reports, summarizing findings, conclusions, and recommendations for management and the audit committee.

  • Maintaining thorough documentation of audit processes, findings, and follow-up actions to ensure traceability and compliance.

• Collaboration and Communication

  • Collaboration with various departments from the whole Allegro Group to understand business processes and provide insights into areas requiring improvement.

  • Clear and effective communication of audit results and recommendations to management and stakeholders, fostering a culture of continuous improvement.

• Compliance and Regulatory Adherence

  • Ensuring that the organization adheres to applicable laws, regulations, and industry standards, especially in the IT area

  • Staying up-to-date with changes in regulatory requirements and best practices, incorporating them into the audit plan to maintain compliance.

What we offer:

• A hybrid work model. Well-located offices (with fully equipped kitchens and bicycle parking facilities) and excellent working tools (height-adjustable desks with monitors, interactive conference rooms).

• A wide selection of fringe benefits in a cafeteria plan – you choose what you like (e.g. medical, sports or lunch packages, insurance, purchase vouchers).

• English classes that we pay for related to the specific nature of your job.

• Work in a team you can always count on – we have on board top-class specialists and experts in their fields.

• Internal educational platform MindUp (with training courses on: work organization, means of communication, motivation to work and various technologies and substantive issues).

We are looking for people who:

• Have at least 4-5 years of experience in the role of IT internal auditor/IT internal controller (preferably BIG4 experience or experience in the listed company) or IT risk assurance (preferably BIG4 experience or experience in the listed company).

• Have good knowledge of basic IT concepts such as logical access management, change management, data management, DevOps, cybersecurity.

• Are passionate about understanding IT environments and systems at a deeper level and always eager to question and improve how things work.

• Have risk assessment ability especially in IT area. 

• Have strong communication skills (verbal & written), including excellent English communication and writing skills (including report writing), with the ability to explain highly technical issues to non-technical individuals

• Have good presentation skills.

• Are highly organized, precise and detail-oriented, with strong analytical problem-solving skills.

• Take care of complete, understandable and useful documentation, preferring content over form.

• Are ready to travel (10-20%).

The following are also an asset:

• Certifications such as Certified Internal Auditor (CIA) and/or Certified Information Systems Auditor (CISA), and/or Certified Information Security Professional (CISSP).

• Experience with various IT frameworks/standards (e.g ISO27001, NIST, CCM (cloud control matrix), PCI DSS (The Payment Card Industry Data Security Standard), Software Assurance Maturity Model (SAMM).

• Experience in working with SAP.

• Knowledge of SQL.

The place of work is Warsaw, however we expect the candidate to be ready for occasional business trips to our other locations in Poland and abroad (Czech Republic, Slovakia, Slovenia, Croatia, Hungary).

Send your CV and see why it is #dobrzetubyć (#goodtobehere)