- Responsible for compliance activities within internal and external audits; coordinate CSB security control activities to ensure risk reduction
- Responsible for compliance transformation and SOX ramp-up activities for new technologies such as AI, SAP HANA, machine learning, CAAT, Robotics, Cloud, Blockchain, etc.
- Ensure that no deficiencies or non-conformities are raised against SOX GITC, security controls and privacy controls.
- Responsible for preparing regular reports and dashboards on SOX GITC, privacy controls, and audits; own the resolution of any compliance issues that arise and ensure that lessons learned are fed back into processes.
- Challenge existing security, privacy, and SOX processes to ensure that unnecessary compliance overheads are removed
- Manage internal and external audit actions and tasks, as well as the remediation of non-conformities identified as part of the audit process.
- Prepare the SOX SteerCo material and follow up on the actions
- Coordinate and manage the EVO SOX SteerCo
Key accountabilities and decision ownership:
- Compliance with internal and external guidelines, processes, and policies
- Deliver against the defined KPIs for SOX compliance, security, privacy, cyber security baseline
- Identify recurring issues and needs in day-to-day business
Core competencies, knowledge, and experience:
- Proven experience (3 to 5 years) of IT and data center process standards
- Good practical knowledge of Sarbanes-Oxley legislation, in particular S404, its application within an IT department, and of managing Sarbanes-Oxley with third parties.
- GDPR knowledge and experience
- IT Audit knowledge and experience
- Strong communication and facilitation skills, both verbal and written; presentation skills
- Agile thinking and working
- Attention to detail and completeness of detail
- Good knowledge of the Remedy system
- Good knowledge of EVO Ecosystem architecture, EVO Support Model, SAP HANA, AI, machine learning, IRFS, Cloud, etc., especially within the new technologies, Datacenter, Group Technology, Cyber Security
- Good practical knowledge of ITIL disciplines.
- Strong experience in process mapping and process design
Must have technical/professional qualifications:
- Good understanding of IT Service Management (for example, ISO 20000)
- ISO27001 Certification(s)
- Knowledge of SAP and data center environment
- Industry-standard premium qualifications like ITIL Expert, ISO/IEC 27001 Lead Auditor, ISACA (CISM/CISA/CISSP) are recommended
- Proven project management experience
- Project Management qualifications are a plus
- Experience in a multinational environment
- Ability to work across international and distributed teams
- Able to deal with international customers and partners
- Good communication and interpersonal skills, coordination capability, structured and organized
- Efficient problem solver with the ability to prioritize and manage several tasks on an ongoing basis