Group Cyber And IT Internal Audit Expert H/F CMA CGM

YOUR ROLE

Group Internal Audit is an independent function whose primary mission is to enhance and protect organizational value by providing risk-based and objective assurance, advice, and insight.

As Group Cyber & IT Internal Audit Expert, you will be based at the CMA CGM Head Office in Marseille, reporting to the CMA CGM Group Cyber & IT Internal Audit Manager.

You will be responsible for leading and executing IT internal audit engagements in accordance with the annual audit plan within the whole CMA CGM group perimeter.

You will be traveling around 30-40% of your working time.

WHAT ARE YOU GOING TO DO?

• Execute audit engagements of various types in accordance with the annual audit plan and specific requests from stakeholders.
• Audit Preparation: i) retrieve & analyze data and applicable policies, ii) perform focused interviews to develop a risk-based audit working program adapted to the scope and objectives of the assigned review.
• Audit Fieldwork: Perform interviews, controls and analytical tests in accordance with the developed audit working program and group internal audit methodology. Draft and share with auditees the audit preliminary conclusions.
• Audit Reporting: Drafting the audit report outlining the issues and gaps identified. For all findings, the report will include detailed root cause analysis, associated risks and recommendations. Remediation action plans proposed by the auditees will also be included.
• Audit Debriefing: Debrief local, regional and top management as needed.
• Audit Follow-up: Regular follow-up of action plans agreed with auditees to ensure risks related to the identified gaps are under control.
• As mission leader: in collaboration with the internal audit management, define the audit's scope and schedule in accordance with the objectives. Define and assign to each auditor a part of the audit work scope. Coordinate and monitor the progress of the audit work for the whole audit team to ensure audit objectives are met (schedule and scope). Be the primary interface for both the audit management and Auditees from the audit preparation to the follow-up phase
• Audit Methodology: identify and propose changes and improvements to the internal audit methodology (e.g., test, deliverables) to ensure the audit approach is adapted to the evolution of the internal and external contexts (e.g., deployment of new IT operational systems, enforcement of new regulations)

WHO ARE WE LOOKING FOR?

Master of Science in IT, Computer sciences or Engineering.

• International experience during the academic period is a strong plus.
• At least 5 years of working experience in IT with focus on Internal Controls or Cybersecurity, or internal audit of multinational groups (preferred) possibly combined with external audit experience (international audit firm).
• Experience in transaction services advisory at a global consulting firm is an advantage.
• Experience in IT Operations, IT Projects, Artificial Intelligence, Data Engineering
• Audit related professional certifications are highly appreciated: CISA, ISO27001 Lead auditor, CEH, CIA...
• Familiar with existing IT frameworks such as ISO 27001, NIST, COBIT or ITIL
• Solid knowledge of any of the following: IT Governance, IT Operations & Security
• Experience in Data analytics/Engineering
• IT Risk assessment abilities
• Ability to quickly learn the key concepts of new/emerging technologies and identify key risk areas within those technologies.
• Data mining and analytics skills.
• Great team player with the ability to take the initiative and work independently.
• Ability to prioritize tasks and deliver on time.
• Fluency in English is mandatory (both written and oral.

Come along on CMA CGM's adventure !