IT Auditor for SoX and non-Sox Key Controls

  • Competitive
  • Brussels, Bruxelles-Capitale, Belgium
  • Permanent, Full time
  • ING
  • 18 Feb 19

IT Auditor for SoX and non-Sox Key Controls

[IT Auditor for SoX and non-SoX Key Control]

Your role & work environment

As an experienced IT Auditor for SoX and non-Sox Key Controls you will test internal IT controls to ensure that the controls have been designed effectively and that the controls are operated effectively throughout the year in respect to their ability to sufficiently mitigate inherent critical and high risks.
You will be an integral member of the 1st Line of Defence SOX & Key Control Testing team within the Centre of Expertise Safe Business and Regulatory Affairs .

Your key responsibilities

[Key Control Testing]

  • Assess whether the key controls are adequate to mitigate the identified risks. Obtaining sufficient evidence throughout a period of time and assess if the same identified controls operated effectively as intended.
  • Perform walkthroughs and independent testing of IT general controls (ITGC) and Application Controls over IT applications and infrastructure to ensure compliance with Sarbanes-Oxley Section 404..
[On time & On Quality Delivery and reporting ]
  • Assist in scheduling the Key control testing tasks. Manage time effectively and prioritize tasks to ensure deadlines and the expected level of control testing quality are met.

  • Summarise the findings (proposed deficiencies) and remarks (suggestions for improvement) regarding the internal control environment, answers and evidence in a test report. Document the test results and the supporting evidences in the ING Risk Register.
[Stakeholder Management & Continuous improvement]
  • Interface with the all stakeholders and manage expectations (Asset owners, IT custodians, Non-Financial Risk officers, 2 nd Line of Defence, External Auditors and Senior managers). Ensure that issues noted as a result of testing have been discussed and agreed with all relevant stakeholders
  • Identify control testing improvements opportunities.

  • Utilize adequate tools and techniques to increase testing coverage and high quality control testing results.

  • Assist with updates to IT Key control and SOX testing documentation: control testing cookbook system flows, process narratives, risk/control matrices.
We look for

A colleague with a talent for taking it on and making it happen, enthusiasm for helping others to be successful and a knack for always being a step ahead. In other words, you strive to bring fresh ideas to life and embrace challenges in a fast changing and complex environment. You are a naturally collaborative person who listens and invests in others to achieve common goals. You love to challenge the status quo and are eager to propose creative solutions to problems.
As an IT Auditor for SoX and non-Sox Key Controls , you will also need:
  • A master degree with an emphasis in information systems and auditing.
  • A minimum of 4 years of experience as an Information Systems Control Tester or IT Auditor with a demonstrated track record of increasing responsibilities
  • Knowledge and experience on testing operating effectiveness of IT General controls is required.
  • Thorough understanding of information security and risk and good technical knowledge with regards to either Information System applications or platforms or databases or mainframes is required.
  • Experience with IT control frameworks, such as COBIT and NIST frameworks.
  • Be results oriented, work independently and able to manage multiple concurrent tasks without negative impact on quality of work.
  • Project and Process management skills.
  • Excellent oral and written communication skills.
  • To demonstrate strong team player skills.
  • To understand emotional intelligence drivers
Holding one the following certifications is considered as an added value : Certified Information Systems Auditor, Certified Information Systems Security Professional, Certified in Risk and Information System Controls.
We offer you
A clear purpose, a unique offer and a range of flexible compensation and other benefits:
  • Personal growth & challenging work with endless opportunities to realise your ambitions
  • An informal, dynamic environment with innovative colleagues supporting your endeavours
  • A progressive and agile way of working, where new ideas are valued ahead of convention
Furthermore, within the bank Safety department, you can count on a range of opportunities to invest in your personal and professional growth with:
  • the possibility to participate in courses and trainings
  • challenging working environment & a steep learning curve

We redefine banking. What about you?

There has never been a more interesting time to work at ING. We're on a journey that's centred around our customers, powered by technology and driven by smart, determined people. Our customers feel our people are empowering them to stay a step ahead in life and in business. We're proud of that!