Jobfoundry
Jobfoundry
CMA CGM

Group Cyber and IT Internal Audit Expert

CMA CGM
BusinessMarseille, FRFull-time2 days ago
Apply Now

About the role

AI summarised

The Group Cyber & IT Internal Audit Expert at CMA CGM Group leads and executes IT internal audit engagements globally, ensuring risk-based assurance and compliance. Based in Marseille, the role involves audit planning, fieldwork, reporting, and follow-up, with 30-40% travel. The ideal candidate has a Master's in IT or related field, at least 5 years of IT audit or cybersecurity experience, and familiarity with frameworks like ISO 27001 and NIST.

BusinessFull-timeGeneral

Key Responsibilities

  • Execute audit engagements of various types in accordance with the annual audit plan and specific requests from stakeholders.
  • Audit Preparation: retrieve & analyze data and applicable policies, perform focused interviews to develop a risk-based audit working program adapted to the scope and objectives of the assigned review.
  • Audit Fieldwork: Perform interviews, controls and analytical tests in accordance with the developed audit working program and group internal audit methodology.
  • Draft and share with auditees the audit preliminary conclusions.
  • Audit Reporting: Drafting the audit report outlining the issues and gaps identified. For all findings, the report will include detailed root cause analysis, associated risks and recommendations.
  • Audit Debriefing: Debrief local, regional and top management as needed.
  • Audit Follow-up: Regular follow-up of action plans agreed with auditees to ensure risks related to the identified gaps are under control.
  • As mission leader: in collaboration with the internal audit management, define the audit's scope and schedule in accordance with the objectives.
  • Define and assign to each auditor a part of the audit work scope. Coordinate and monitor the progress of the audit work for the whole audit team to ensure audit objectives are met (schedule and scope).
  • Audit Methodology: identify and propose changes and improvements to the internal audit methodology (e.g., test, deliverables) to ensure the audit approach is adapted to the evolution of the internal and external contexts.

Requirements

  • Master of Science in IT, Computer sciences or Engineering.
  • International experience during the academic period is a strong plus.
  • At least 5 years of working experience in IT with focus on Internal Controls or Cybersecurity, or internal audit of multinational groups (preferred) possibly combined with external audit experience (international audit firm).
  • Experience in transaction services advisory at a global consulting firm is an advantage.
  • Experience in IT Operations, IT Projects, Artificial Intelligence, Data Engineering.
  • Audit related professional certifications are highly appreciated: CISA, ISO27001 Lead auditor, CEH, CIA.
  • Familiar with existing IT frameworks such as ISO 27001, NIST, COBIT or ITIL.
  • Solid knowledge of any of the following: IT Governance, IT Operations & Security.
  • Experience in Data analytics/Engineering.
  • IT Risk assessment abilities.
  • Ability to quickly learn the key concepts of new/emerging technologies and identify key risk areas within those technologies.
  • Data mining and analytics skills.
  • Great team player with the ability to take the initiative and work independently.
  • Ability to prioritize tasks and deliver on time.
  • Fluency in English is mandatory (both written and oral).