We are seeking an experienced audit professional to evaluate the status of our technological services, including information systems and telecommunications networks. The goal is to enhance security, efficiency, and profitability across all platforms. The role will focus on: Cybersecurity aspects, and addressing specific risks related to information systems, telecommunications infrastructure, engineering, web and mobile applications, and value-added products (IPTV, FTTH, etc.). Conducting perimeter reviews on Cloud services and IoT. Managing ESG (Environmental, Social, and Governance) audits with an emphasis on environmental factors (radiation, hazardous waste treatment, carbon footprint, etc.).
Responsibilities
- Understand the IT & Network environment to assess and evaluate the effectiveness and efficiency of their internal controls and operating practices.
- Develop and manage a risk register for IT & Network reviews, including IT implementation and delivery, IT infrastructure, IT & Network security, Business Continuity, Cloud services, IoT, etc.
- Propose reviews of systems, technology, and infrastructure areas of Internal Audit Plan based on the needs of the business and associated risks. Organize, direct, perform, and/or supervise its execution according to IPPF (International Professional Practices Framework) / GIAS (General Internal Audit Standards) standards and procedures, ensuring quality of audits meets or exceeds international standards.
- Lead and coordinate the multidisciplinary work team with OpCos (Operating Companies). Follow the implementation of agreed and communicated remedial actions.
- Ensure planned activities incorporate narratives, process flows, audit programs, fieldwork, etc. Prepare impactful audit reports and present their findings and recommendations, which should always be clear, concise, and constructive.
- Provide regular reports of the function to local and Group management.
- Assist in IT compliance implementation projects (ISO, SOC, GDPR, etc.)
- Plan, coordinate and supervise Company's settings relating IT General Controls (ITGC) and Cybersecurity.
- Coordinate robotics (RPA, Robotic Process Automation) and continuous/online auditing projects to support the function, aimed at improving audit quality, reducing audit life cycle, and improving test coverage.
- Define and design the KPls for the different services under supervision. Monitoring and reporting thereof. Promote innovation activities.
- Assist IA teams in carrying out reviews.
- Ensure timely communication with CIA and relevant stakeholders relating risks, recommendations, action plans and its implementation.
Requirements
- Bachelors degree in Engineering, Information Systems, Telecommunications or related field
- Master / Postgraduate Degree in Cybersecurity (preferred)
- Minimum experience of 5-8 years in similar positions
- CISA and CISM certifications
- Use of data analysis tools (e.g., QlikView/Sense, ACL, PowerBI, SAP BO, Microstrategy).
- ITGCs and Personal Data Protection Methodologies. ISO, PCI regulations, etc.
- Risk management and internal control.
- Operating systems, databases, network elements, real security monitoring tools
- Python and similar programming languages
- Elements (hardware) that make up telecommunications networks
- Knowledge of environmental policies and regulations
