IT Internal Controls Analyst

Job Title

IT Internal Controls Analyst

Job Description Summary

As an IT Internal Controls Analyst, you will support and perform internal information security control audits and/or reviews for service lines to ensure adherence with established policies & procedures, business practices, company guidelines and support the continuous improvement process. This position will support the Compliance program, which is COSO based, in the most efficient and effective manner possible by working within the established calendar of activities, performing assigned testing, risk assessments, risk analytics and documenting test results appropriately and participating in discussions with Management regarding testing results. The role will also focus on the monitoring program for mainly SOC2 activities and internal controls reviews requested and Global Occupier Services Management. You will also support both the regional and global teams with the provision and analysis of insightful, consistent and quality information security data obtained from the wider team, IT partners, third party suppliers and Business Units across the Company.

Job Description

• Ensure the company’s IT internal controls are in compliance with internal regulations and standards
• Perform daily, weekly, and monthly testing related to the company’s internal compliance program including general IT controls, information security controls, minimum standards and other controls and processes as necessary to evaluate compliance with internal company policies and guidelines.
• Participate simultaneous internal audits as assigned and complete required audits within the scheduled time frame
• Identify potential exceptions and report, escalate, and remediate as required
• Identify and document potential process improvements
• Maintain documentation of audit procedures, evidences and review activities
• Participate in yearly compliance audits as a quality assurance function between the business and external auditors

Qualifications

• Degree or equivalent work experience in computer science, information systems, or related field
• 2 years’ experience in an internal or external compliance audit role performing one or more of the following: General IT Control/SOC1&2/ISO27001:2013 internal control audits
• Knowledge of standards e.g., ISO 27001, ISO 27701, ISAE 3402 / SSAE 16 , SOC 1, SOC 2, SOX GITC, COBIT.
• Strong interpersonal skills and ability to work cross-functionally and across divisions with others
• Attention to detail and a track record of delivering high quality reports of accurately presented data in a meaningful and appropriate way
• Exceptional interpersonal skills to successfully communicate with stakeholders by phone, in documentation, via email, and in meetings and workshops.
• Strong communication and stakeholder engagement skills with the ability to influence and adapt approach as required at all levels
• Solid understanding of how an information security organisation functions
• Able to manage own time effectively and show judgement on prioritising tasks, working on activities concurrently when required and demonstrate flexibility to changing requirements, often at short notice
• Team player
• Competent in Microsoft Excel, PowerPoint and SharePoint
• English – Intermediate written and oral competency