69 System Audit Jobs

Are You Ready to Make It Happen at Mondelēz International?

Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.

More about this role

Role Purpose:

The IS Internal audit manager plays important role in leading Mondelez (MDLZ) IT Internal Audit process and driving collaboration with the IS and business functions to identify improvements in IT internal control environment its compliance Mondelez IT standards, Sarbanes Oxley regulatory compliance requirements and leading practices.

For Internal Audit, the role has responsibility to lead MDLZ Global IT internal audit agenda which includes particularly the following:

• Conduct regular risk assessment to identify key IT and Cybersecurity risk areas and ensure those are appropriately covered in the annual IT audit plan.
• Lead design and implementation of internal audit processes and solutions for continuous monitoring of IT and Cybersecurity risks and controls leveraging data analytics techniques.
• Lead development of MDLZ audit approach/methodology/workplans for risk assessment and auditing new emerging risks areas which intersect with IT, cybersecurity or technologies (e.g. Cloud, Agile development, E-Commerce, Social Media, ESG,)
• Lead building Internal Audits IT and Cybersecurity subject matter expert hubs
• Work with co-sourcing partners to enable effective resourcing of audits with the right skillsets and talents.
• Lead Internal Audit IT assessments at MDLZ ventures and acquired businesses to provide assurance on adoption of MDLZ security controls and standards in the entities.
• Lead and manage end to end audit cycle process for MDLZ IT and Cybersecurity audits and advisory reviews (planning, execution, reporting) following risk-based audit approach in conjunction with in-charge (Lead Audit Senior) to adequately address all significant business and audit risks.
• Manage the functional budgets relating to individual Internal Audits (with co-sourcing partner.
• Ensure that all audit work is thorough, complete, and has been performed in accordance with MDLZ IA SLAs/KPIs, IIA standards, MDLZ Internal Audit standards and other relevant industry standards (ISO/ITIL, etc.) depending on focus area of the review.
• Ensure that Business and IT risks / opportunities (including cost saving and business opportunities) are promptly and accurately identified and communicated to senior management and external auditors. 
• Build strong working relationships with MDLZ IS leadership and their respective teams.

Performance Measures / KPIs:

Current and Emerging IT & Cyber Risk Identification and their addressing in IA plan:

• Design and Implement a data driven process and solutions for continuous monitoring of IT & Cyber-risks
• Develop methodology for Risk Assessment and Audit Execution for Emerging IT & Cyber Related Risks
• Working solution providing inputs for annual risk assessment as well as ad-hoc risk re-assessment
• Timely identification and evaluation of the emerging risks with analysis of their potential impact on MDLZ

Internal Audit Risk assessment:

• Conduct regular formal risk assessment across MDLZ functions and Ventures to design the IT IA plan
• Annual IT Audit plan / scope supported by risk-based arguments in line with quality and value measures/KPIs for delivery of the IT audit plan

Internal Audit Delivery:

• Deliver IT audit plan - Lead and manage end to end audit cycle process for MDLZ IT audits and advisory reviews.
• Ensure that all audit work is thorough, complete, and has been performed in accordance with MDLZ and external standards
• Quality and value measures/KPIs for audit execution and reporting
• Strong governance over quality and timeliness of IA IT services

Manage 3rd parties:

• Manage budgeted spend relating to IA and oversight of co-sourced resources from partners
• Develop IT & Cyber SMR hubs with the co-sourcing partner
• Budget to actual tracking and reporting
• Feedback from auditees on expertise and ways of working of the IA teams meeting defined KPIs

IA results Communication:

• Ensure that audit results are effectively communicated to senior management and external auditors.
• Build strong working relationships with MDLZ IS leadership and their respective teams.
• Management of key stakeholders and influencing all levels of management

Career Experiences Required:

Knowledge/ Technical Work-based Skills

• Strong audit and controls background and technical experience.
• Strong IT Risk management and Cybersecurity skills (from audit / risk & compliance point of view)
• Ability to manage diverse set of stakeholders, ability to deal with ambiguity and to manage conflicts
• Learning agility to assess emerging risks and execute audits and controls assessments across diverse functional areas
• Excellent interpersonal skills with ability/desire to work in a team-based, customer-focused environment
• Strong communication skills to all levels of management
• Strong leadership skills; ability to effectively influence all levels of management

General Skills

• Strategic Agility
• Dealing with Ambiguity
• Conflict Management
• Decision-making quality

Qualifications & Experience

• Technical IS Audit, Cybersecurity and Analytics Expertise
• 8+ years experience in IT Audit/Controls/Cybersecurity Practice
• Degree Accounting, Information Systems
• IT Audit or Cybersecurity Certification (e.g. CISA, CISSP, Security+, CCSP.)
• Strong analytical and conceptual abilities, technical audit expertise
• Ability to manage complexity multiple stakeholders across regions/functions, countries and global
• Ability to manage external audit stakeholders and communicate with IS leadership

#ITAudit #InformationTechnologyAudit #ITInternalAudit #Cybersecurity #InformationSecurity #InfoSec #InternalAudit #SarbanesOxley #SOX #RiskManagement #ITRisk #CISA #CISSP #CISM #CRISC