IT Compliance Lead, EMEIA

Contact:

This role is essential for maintaining the integrity of the company's IT systems and ensuring compliance with regulatory standards. The IT Compliance Lead will have the opportunity to work in a dynamic environment and contribute significantly to the company's risk management and control processes.

• Travel is required, 15-25% depending on the nature of the engagement
• Willing and able to travel internationally

Location:

Europe, preferably Barcelona, Spain

Overview:

This position involves leading both external and internal audits, managing the IT compliance program, and coordinating with various departments and external teams to ensure that IT controls are effectively designed and operating efficiently.

Qualifications:

• Bachelor’s Degree in Information Systems, Accounting, or Business Administration with a concentration in Information Systems
• 1-5 years of experience in Technology Risk, IT Audit, or IT Compliance, preferably at a Big 4 Accounting firm
• CISA, CISM, CPA, CRISC, CISSP, or CIA certifications preferred
• Excellent written and verbal communication skills
• Strong organisational skills with a proven ability to complete multiple tasks simultaneously
• Perform IT components of complex financial, operational, or compliance audits utilising independent judgment and discretion
• Excellent verbal and written communication skills along with presentation skills
• Brings a balance of professional scepticism and desire to seek constructive solutions
• Ability to manage, prioritise, and coordinate multiple tasks required while maintaining flexibility and adaptability to change
• Proven experience in IT audit, with a strong understanding of SOX compliance and ITGCs.
• Ability to lead audits and manage audit teams effectively.
• Excellent communication skills, with the ability to summarise and communicate technical information to a non-technical audience.

Responsibilities:

• Work with different parts of IT and business, including sites in EMEIA, to ensure compliance with IT policies and control standards.
• Develop and maintain a comprehensive understanding of IT processes, risks, and controls.
• Lead the preparation, planning, and execution of IT SOX control tests.
• Coordinate with external auditors to facilitate the IT SOX compliance audits.
• Work closely with internal teams to ensure that IT controls meet SOX compliance requirements.
• Engage with business stakeholders to ensure SOX audit processes are understood and adhered to.
• Communicate control weaknesses and work with control owners and IT management to address them.
• Monitor and report on the status of IT SOX compliance efforts and control effectiveness.
• Assist with the supervision and IT function planning and preparation for the annual risk-based IT audit plan and execute assigned components.
• Assist in defining the IT scope, approach, and project-specific risks and procedures for internal audit and SOX engagements.
• Prepare appropriate documentation (e.g. narratives, flowcharts, control matrices, segregation of duties analyses, audit reports, etc.) in support of all assurance and consulting work performed.
• Perform testing of general and automated application controls relevant to Sarbanes-Oxley compliance.
• Execute testing and documentation of IT general controls, automated business controls and business or operational/regulatory controls that contain an IT component
• Recommend changes to IT internal control processes to improve operational efficiency and effectiveness.
• Assist in the follow-up on internal audit recommendations to ensure implementation
• Coordinate with external auditors on IT-related matters.
• Evaluate, implement and incorporate the use of computer-assisted audit tools and automation techniques when deemed cost-effective.
• Analyse processes, risks, and controls related to Berry IT environments to identify improvement opportunities.
• Perform IT Risk assessment to identify compliance risks and potential vulnerabilities.
• Comply with relevant auditing standards and define/implement best practices within the IT Department.