Auditor, IT GDPR

Audit Santry, Dublin


Description

Overview:

We are seeking an IT GDPR Auditor to join our growing audit team in Dublin. This individual will report to the IT GDPR Audit Manager in Dublin and will primarily focus on General Data Protection Regulation (“GDPR”) compliance. In addition, the candidate will be responsible for testing the effectiveness of Information Technology General Controls (“ITGC”) through the execution of the Sarbanes Oxley process.

Key Responsibilities:

  • Assist in auditing systems and websites to evaluate potential gaps in data protection and privacy.
  • Produce detailed audit work papers that are re-performable by third parties (e.g., public accounting firms, regulators or compliance organizations).
  • Support Internal Audit team members executing phases of the Sarbanes Oxley process for IT controls, including planning, business cycle/process design assessment, test plan development, control testing and deficiency reporting.
  • Evaluate audit evidence for potential findings and escalate as required.
  • Examine recommended action plans for review with management to ensure they are clear, concise and measurable.
  • Plan and execute other audit projects as deemed necessary by the VP of Internal Audit and management (e.g., operational, compliance, special projects).
  • Partner with business leaders to develop and improve policies and procedures and improve compliance of system usage.
  • Act as an ongoing resource to all employees for assistance with real time business questions and compliance matters.

Required Skills and Experience:

  • BA/BS degree in information systems, computer science, accounting or related field.
  • Minimum of 5 years’ experience with IT auditing, risk management, compliance, and information security.
  • Basic understanding of General Data Protection Regulation (“GDPR”) and Health Insurance Portability and Accountability Act (“HIPAA”).
  • Experience with IT regulations and frameworks (SOX, COBIT, ISO/IEC).
  • Solid grasp of IT general controls (logical access, system development, program change management, physical security, back-ups and computer operations, etc.) and the related risks they mitigate.
  • Understanding of audit methodology and the use of various tools, sampling, testing and documentation techniques.
  • Strong organizational and project management skills; ability to multi-task.
  • Capacity to meet deadlines while maintaining quality standards and effective time management.
  • Analytical thinker with a proven ability to work independently.
  • Strong verbal and written communication skills.
  • Proficiency in MS Office (i.e., Word, Excel, PowerPoint, Visio).
  • Ability to travel 5% of the time.

Additional Skills Considered a Plus:

  • CISA, CISM, CISP, CPA/Chartered Accountant, CIA or similar.
  • Privacy certification such as CIPP/E, Practitioner Certificate in Data Protection or similar.
  • 3+ years of demonstrated experience implementing, auditing, or assessing compliance with the following regulatory and industry requirements and standards: Patriot Act, PCI DSS, EU GDPR or Data Protection Act, and ISO/IEC.
  • Big 4 accounting firm experience.
  • Experience with auditing and/or using any of Oracle, NetSuite, Salesforce, MS Domains, LDAP, One Login, Operative One, Amazon Web Services, ADP and internally developed systems.
  • Experience conducting company-wide risk assessments (e.g., Fraud Risk, Enterprise Risk Management) and engagement level risk assessments.
  • Past involvement in the implementation of Internal Audit Management Software tools and applications (LogicGate, Alteryx, ACL or similar).