IT Audit Project Lead

The IT Audit Project Lead is responsible for the timely execution of risk-based internal IT audits in accordance with the annual audit plan, as well as assisting Group Audit Leadership team with other audit matters and projects (e.g. Knowledge development & sharing) related to IT.

The purpose of the job is to:

● Provide to the Group Board Audit Committee and to the CEO independent and objective assurance over IT internal control effectiveness in any of the Group’s entities and functions;

● Help improve effectiveness and efficiency of operations,

● Develop and share knowledge

● Contribute to the development of talents & future leaders.

● For their assigned missions and audit scopes, the IT Audit Project Lead should understand business risks, understand and describe IT processes, analyze their performance and assess the effectiveness of the internal controls, vis-à-vis the Group’s standards, rules, & guidelines. The assessment and recommendations for improvement are formalized in a report.

● They ensure Assignment Auditors work is up to Group Internal Audit’s performance standards.

● The IT Audit Project Lead should also:

● Create, expand and maintain Group Internal Audit’s knowledge and tools to ensure continuous adaptation to the evolution of Holcim’s business.

● Support the development of Holcim's IT Audit department through acting as a «Technical Specialist» in one of the following IS/IT areas: IT Governance & Strategy, Project Management, Information Security Management, IT Service Management, IT Architecture.

● In particular, the IT Audit Project Lead contributes to enhance the Group maturity in regards to Health & Safety: acting as arole model in the office and during audit assignments, developing his/her knowledge on the matter.

● The IT Audit Project Lead contributes to the development of the Auditors on their teams.

MAIN ACTIVITIES / RESPONSIBILITIES

Audit Assignments:

● The IT Audit Project Lead prepares and executes Holcim IT audit assignments on-site in Operating Countries, IT Digital

● Centers/Regional IT hubs or in Corporate offices according to Group Internal Audit quality manual and assignment methodology.

This includes i.a.:

● Adhering to and complying with health, safety and security aspects and specifics of each project and providing relevant feedback, post assignment, to Group Internal Audit and other stakeholders,

● Manage own expenses and coordinate travel arrangements,

● Develop audit work programs, using a risk-based methodology,

● Performing audit and verification procedures, and maintaining Internal Audit Working Papers and document repository,

● Perform quality control and work paper review,

● Preparing and contributing to the audit Exit Meeting presentation,

● Supporting Internal Audit management during the reporting phase (E.g. Draft report writing, discussion of proposed action plans, report finalization, stakeholder debrief)

● Coach team members during audit assignments to develop their technical (audit, business & IT processes, & business acumen) and soft skills.

● Taking in charge action plan follow-up on a portfolio of allocated projects (e.g. requesting update from auditees,conducting ad-hoc meetings, conducting desk or on-site verifications)

Knowledge development & sharing:

The IT Audit Project Lead can also be assigned to projects aimed at improving Group Internal Audit’s performance and

internal processes notably in relation to the use of IT tools.

People Development:

The IT Audit Project Lead takes the ownership of his/her own career development in coordination with the Head of IT Audit.

JOB DIMENSIONS

Audited domains:

IT and digital transformation (e.g. strategy & governance, security management, project management, service

management, application controls, IT architecture)

PROFILE REQUIRED

Level of education/qualifications normally required:

● MBA, Master of Science, Bachelor degree in computer science or related field

● CIA, CISA, CISSP or other specialist IT related qualification considered as a plus

Specific work experience:

Mandatory:

● Minimum 8-10 years of experience in IT audit or other relevant IS/IT operational experience (e.g. IS/IT security,

IS/IT service management or IS/IT project management) in the industrial sector in a listed Company or in a Big 4 Firm

● Exposure to Digital Transformation projects or programs

● Data Analytics knowledge

Considered as an advantage:

● Practical experience of key IS/IT related standards such as COBIT, ISO27000, ISO20000, ITIL, CMMi, Prince 2,

PMBOK, etc.

● Industry knowledge

Technical / functional skills:

Mandatory:

● Strong analytical skills, ability to link IS/IT risks with business risks

● At least one of the following skills

● SAP or JDE technical skills & knowledge

● IS/IT governance & strategy

● IS/IT security

● IS/IT service management

● IS/IT project management

Behavioral competencies:

● Integrity, alignment with Group values, humility,

● Objectivity, courage, independence, fairness

● Diplomacy, listening skills, communication skills

● Interpersonal skills, at ease in coaching people

● Ability to evaluate risks in the context of the Group strategic vision

● Analytical skills/Result orientation

Leadership and managerial abilities:

● Team management experience, high level of respect in intercultural environments

● Role model

● Business and strategic understanding

Language skills:

● Fluency in spoken and written English is a must. Another language (French, Spanish, German…) as a plus

Mobility requirements (time spent travelling internationally, nationally etc.):

● Up to ca. 50% travels (i.e. 18 to 23 weeks annually)