IT-Auditor (information security and compliance) (f/m/d)

SOS Children's Villages, founded in 1949 by Hermann Gmeiner, is the world's largest non-governmental organization focused on supporting children and young people without parental care, or at risk of losing it.

Child neglect, abuse and abandonment is everywhere. Families are at risk of separation. Locally led, we work in more than 130 countries and territories to strengthen families who are under pressure so they can stay together. When this is not in a child or young person's best interests, we provide quality care according to their unique needs.

Together with partners, donors, communities, children, young people and families, we enable children to grow up with the bonds they need to develop and become their strongest selves. We speak up for each child's rights and advocate for change so all children can grow up in a supportive environment.

Location: Innsbruck or Vienna/Austria and Dakar (Senegal), Addis Ababa (Ethiopia), Faridabad (India), Tallin (Estonia), Skopje (North Mazedonia),  La Paz (Bolivia), San José (Puerto Rico), Amman (Jordan), Casablanca (Marocco).

Duration: Ulimited, Full-time 

Mission

Internal Audit (IA) is an independent, objective assurance and consulting activity designed to add value and improve the federation’s operations. It helps the federation to accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, controls and governance processes. Internal Audit as the third line (of defense) directly reports to the Senate (Finance and Accounting Comitee).  

Internal Audit is one of the important activities of SOS Children’s Villages International safeguarding activities for the entire Federation. 

Internal Audit is an independent function within SOS Children’s Villages International, it is located in the General Secretariat (GSC) and comprises the International Director Internal Audit and a number of Internal Auditors, who are located in the International Office and the International Offices Region and who report to the International Director Internal Audit.  

Given the existing and even increasing risks arising from IT systems, tools, software and users in Federation and the potential vulnerability of SOS Children’s Villages International IT systems to external attacks, the Internal Audit function is in search of a knowledgeable IT Auditor, being in charge of auditing a high inherent risk for the entire SOS Federation.  

The IT-Auditor will be in charge to perform IT Audits on a worldwide basis and directly report to the International Director Internal Audi. The IT-Auditor will also have close contact with the Cybersecurity Governance and Steering Team of SOS Children’s Villages International (CGS). This position will require a skillset of both: internal audit methodology and knowledge in IT systems, processes and controls (with focus on information security and compliance). 

Tasks & Responsibilities 

• Independent planning and conducting of IT-Audits (IT-systems, IT-controls, IT-supported business processes, IT-organization and IT-infrastructure) centrally and in legally independent membership organizations (more than 130 countries) with focus on compliance and security. In addition participation in planned internal cross-functional audits on a worldwide basis.
• Conducting final meetings with auditees and compilation of audit reports.
• Analysis and evaluation of risks and identification of actionable remediation measures in cooperation with the ICT department of General Secretariat.
• Handover of recommendations to Cybersecurity Governance and Steering Team of SOS Children’s Villages International (CGS) for monitoring of implementation. 

• Conducting follow-up audits to assess the quality and timeliness of remediation of actions agreed with auditees. 
• Setting up annual audit plan for IT audits and presenting the plan to supervisory bodies.
• In-house consulting by giving expert advise and IT-project accompanying audits.

Requirements

Essential:

• Bachelor degree in IT, business administration, engineering or similar field of expertise
• Strong background on GDPR

• A minimum of 5-7 years of experience in internal audits and IT audits
• Expertise in IT-systems, processes and controls 
• Strong analytical thinking and diplomatic skills 
• Good report writing skills
• Openness to travel up to 50% of working time

Desirable 

• Interest in actual and future trends in IT 
• Ideally certification as CISA, CISM, CISSP or CIA
• Strong stakeholder management and convincing skills
• Intercultural competencies 
• Strong English skills (written and verbal). German, Spanish and/or French would be desirable
• Citizenship or a valid working permit for the country you are applying for 

We offer

• A diverse range of interesting tasks in a leading INGO multicultural working environment
• As a responsible employer we provide a range of training schemes and encourage educational enhancement
• A salary that will be commensurate with experience and qualifications

If you are interested in this position, please submit your detailed application in English by 6th January 2023 at https://careers-sos-kd.icims.com