Global IT Audit Senior Manager - Cybersecurity & Data Privacy

About The Position

Requirements

• The successful candidate must have a minimum 8 years of IT audit experience, with at least 5+ years at a “Big 4” accounting or IT consulting firm preferred.
• Expert understanding of key privacy principles such as lawfulness, fairness, and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability
• Extensive audit related to data privacy is required. Covering areas such as DSAR, DPIA, SCC, cross-border data transfers
• Experience evaluating technical cybersecurity controls including Network configuration and architecture, EDR, vulnerability management, cloud security, and SOC Operation review
• Expert knowledge of contemporary IT risk management and control techniques and security control frameworks, such as NIST, ISO/IEC 27001, CIS Controls,
• Expert knowledge of Network, API, AI Model and operating system security
• Working knowledge of Operational Technology related cyber threats
• Expertise in privacy policies, regulations, privacy or technology law, policy, such as GDPR, CCPA, LGPD, PIPL etc.
• Experience in privacy controls testing, issue management, and remediation
• Ability to establish and maintain harmonious working relationships with colleagues and external contacts, and to work effectively in a professional team environment.
• Good command of written and spoken English is a must; additional language skills are preferred.
• Exceptional report-writing ability, with the capability to distil complex technical issues into clear, concise, and actionable insights for diverse audiences

Nice To Haves

• additional language skills are preferred.

Responsibilities

• Develop the data privacy and cybersecurity audit plan and act as a thought-partner for the Global IT Audit Associate Director in preparing audit strategy for other technology audit areas to collectively form the annual, risk-based internal audit plan.
• Provide oversight to the IT Audit Managers responsible for executing cybersecurity, data privacy, emerging technology, and third-party vendor risk audit projects and consults across the organization, ensuring systems comply with applicable security standards and privacy regulations such as GDPR, CCPA &NIST.
• Build strong partnership with Cybersecurity and Privacy leaders across the business, and their respective teams, seeking input for annual planning and collaborating on audit results and risks.
• Lead the planning, scoping and execution of audit and consulting projects, including guiding the development of new audit work programs in data privacy and cybersecurity.
• Supervising the execution of multiple audit engagements simultaneously, and supporting execution of highly complex, high visibility/impact projects, as needed.
• Support IA risk assessment of cybersecurity and privacy and participate in forums related to the evolution of controls and governance over cybersecurity and emerging technologies.
• Communicate or assist in communicating the results of audit and consulting projects via written reports and oral presentations on a timely basis to senior management.
• Develop and maintain productive team-oriented relationships within the Internal team and across the organization through individual contacts and group meetings.
• Perform quality reviews over workpapers and reports and ensure timely report completion.
• Coaching and consulting business units, MGS and Corporate on governance, risks and controls

Benefits

• Work with over 130,000 diverse and talented Associates, all guided by The Five Principles.
• Join a purpose driven company, where we’re striving to build the world we want tomorrow, today.
• Best-in-class learning and development support from day one, including access to our in-house Mars University.
• An industry competitive salary and benefits package, including company bonus.
• participation in 401k plan, and paid time off benefits.