By continuing to browse this site, you agree to our use of cookies. Read our privacy policy

Senior IT Auditor(P4)

Vienna

  • Organization: IAEA - International Atomic Energy Agency
  • Location: Vienna
  • Grade: Mid level - P-4, International Professional - Internationally recruited position
  • Occupational Groups:
    • Accounting (Audit, Controlling)
    • Information Technology and Computer Science
  • Closing Date: Closed

Organizational Setting

The Director General's Office (DGO) provides leadership and coordination for all IAEA activities at the executive level for meeting Member States' needs, and achieving a one-house approach and a results-based management.

The Office of Internal Oversight Services (OIOS) comprises four main functional areas\: internal audit, investigation, management services and programme evaluation. In accordance with its Charter, OIOS provides the Director General and IAEA managers with objective, independent and systematic assessments for the purposes of improving the efficiency and effectiveness of programme delivery, and ensuring accountability, sound governance, risk management and internal control, and good management practice.

 

Main Purpose

 

As a member of the Internal Audit and Management Services Group, under the general direction of the Director of OIOS, the Senior IT Auditor plans and conducts information technology (IT) audits and regular audit assignments in accordance with the Internal Audit Manual and in compliance with the OIOS Charter.

 

Role

 

The Senior IT Auditor is 1) an examiner, responsible for planning and conducting IT/regular audit assignments of mid and high level of complexity; 2) a risk assessor, helping to bring a systematic, disciplined approach to evaluating and improving the effectiveness of risk management, control, and governance processes; and 3) an advisor, carrying out independent, objective assurance and consulting activities designed to add value and improve an organization's operations.

 

Functions / Key Results Expected

 

Prepare and implement risk-based audit assignments with the following objectives\:

• To assess risks that could threaten the achievement of the Agency objectives and to determine whether adequate and appropriate controls have been established to mitigate the identified risk;
• To assess the degree of compliance with the Agency regulations, rules and policies;
• To determine the effectiveness of governance, risk management and internal controls;
• To determine whether the Agency's assets and resources are sufficiently protected from misuse, theft and losses and that information resources are protected from unauthorized access, risk of loss and damage.;
• To assess management practices and to verify that the resources are used for efficient and effective implementation of its programme and activities; and
• To recommend appropriate remedial actions to address risks, ensure compliance, and improve the efficient and effective management of Agency resources. These recommendations should focus on adoption of management best practices.

Conduct any other tasks, as required.

Competencies and Expertise

Core Competencies

Name Definition
 
Communication Communicates orally and in writing in a clear, concise and impartial manner. Takes time to listen to and understand the perspectives of others and proposes solutions.
 
Achieving Results Takes initiative in defining realistic outputs and clarifying roles, responsibilities and expected results in the context of the Department/Division’s programme. Evaluates his/her results realistically, drawing conclusions from lessons learned.
 
Teamwork Actively contributes to achieving team results. Supports team decisions.
 
Planning and Organizing Plans and organizes his/her own work in support of achieving the team or Section’s priorities. Takes into account potential changes and proposes contingency plans.

Functional Competencies

Name Definition
 
Analytical thinking Analyses information to identify cause and effect relationships and correlations. Identifies critical elements and assesses consequences of different courses of action and proposes solutions.
 
Judgement/decision making Consults with supervisor/manager and takes decisions in full compliance with the Agency’s regulations and rules. Makes decisions reflecting best practice and professional theories and standards.
 
Technical/scientific credibility Ensures that work is in compliance with internationally accepted professional standards and scientific methods. Provides scientifically/technically accepted information that is credible and reliable.

Required Expertise

Function Name Expertise Description
     
Internal Oversight Audit, Governance, Risk Management and Internal Controls Ability to assess the adequacy of internal controls, risk management and governance and to formulate and communicate audit findings and recommendations.
     
Information Technology Business System Analysis Ability to assess the procedures and operations under audit and to propose organizational or procedural changes to improve efficiency and effectiveness of operations.
     
Internal Oversight IT Auditing Proficiency in auditing IT general and application controls, conducting reviews of information security controls and assessing system development projects.
     
Internal Oversight Information and IT Security Good knowledge of relevant standards related to information technology and information security, promulgated by the relevant professional institutions and groups.

 

Qualifications, Experience and Language skills

 

Advanced university degree (Master's, equivalent or higher) in accounting, public administration, finance, IT or other related fields.

A university degree (Bachelor's or equivalent) in the above-mentioned fields with three additional years of relevant experience may be accepted in lieu of a Advanced degree.

Certificated in one or more of the following areas\: CIA, CISSP or CISA

Minimum seven years of IT auditing experience at the national and international levels in the private and/or public sector.

Familiarity with cyber and physical security, business continuity and disaster recovery, DevOps, Software Development Life Cycle (SDLC), data analytics, Enterprise Resource Planning (ERP) systems and Prince2.

Familiarity with TeamMate, PowerBI and SQL is desirable.

Excellent partnering and stakeholder management.

Outstanding communication skills, both written and oral, including interview and presentation techniques, with the ability to effectively convey complex ideas in an engaging manner with clarity, diplomacy and precision.

Excellent oral and written command of English. Knowledge of other official IAEA languages (Arabic, Chinese, French, Russian and Spanish) is an asset.

 

Remuneration

 

The IAEA offers an attractive remuneration package including a tax-free annual net base salary starting at US $75602 (subject to mandatory deductions for pension contributions and health insurance), a variable post adjustment which currently amounts to US $ 28351, dependency benefits, rental subsidy, education grant, relocation and repatriation expenses; 6 weeks' annual vacation, home leave, pension plan and health insurance

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------
Applications from qualified women and candidates from developing countries are encouraged

Applicants should be aware that IAEA staff members are international civil servants and may not accept instructions from any other authority. The IAEA is committed to applying the highest ethical standards in carrying out its mandate. As part of the United Nations common system, the IAEA subscribes to the following core ethical standards (or values)\: Integrity, Professionalism and Respect for diversity. Staff members may be assigned to any location. The IAEA retains the discretion not to make any appointment to this vacancy, to make an appointment at a lower grade or with a different contract type, or to make an appointment with a modified job description or for shorter duration than indicated above. Testing may be part of the recruitment process
-------------------------------------------------------------------------------------------------------------------------------------------------------------

This vacancy is now closed.
However, we have found similar vacancies for you: