Information Technology General Controls (IT Risk Auditor)

About the role:

The purpose of the role is to provide independent and objective assessment of the design and operating effectiveness control environment, in accordance with Zurich ICIF Framework and focus on the company's Information Technology General Controls (ITGC's). To be responsible for allocated testing for the system components, processes, data and/or information technology environment.

ICIF Framework and focus on the company's Information Technology General Controls (ITGC's).

Responsibilities:

• Plan and execute ITGC's Control Design and Operational Effectiveness Testing
• Support the ITGC Testing Lead in ad-hoc tasks and projects
• Review of RU readiness before testing, as required
• Manage testing of sensitive ITGC controls with highly confidential evidence (e.g. indirect entity level controls such as Board and Management Committees) provided by the units, and any other agreed testing for the RUs
• Where necessary create new test cases/scripts and identify improvement opportunities. Validate existing scripts and ensure fit for purpose, work with ITGC and Business testing team in Krakow.
• Establish and maintain service receiver and local stakeholder relationships specifically within the technology and operations functions
• Deliver testing of controls such as indirect ELCs, within the ITGC arena. Where necessary leverage existing Business control area
• Participate in walk-through meetings and interact with customers as per need

Candidate's profile:

• Bachelor's degree (or equivalent) in IT/Computer Science/Engineering or related field
• For Specialist role at least 1 year of relevant experience in the areas of ITGC controls/IT Audit/IT Risk/IT Compliance
• English B2/C1
• Spanish C1
• Affinity with IS strategy, IS security policy and the organization of IS staff
• Nice to have - a recognized IT/IS qualification e.g. CISA, CISSP, CCNA, CCNP, CompTIA, CEH, GIAC, CDP, CGEIT, CRISC, CISM, ITIL