Aon needs to ensure that all its systems are compliant with SOX, PCI, HIPAA, GDPR, SOC1 and SOC2 regulations. It needs resources to facilitate the auditing of controls in place for compliance with those regulations, to ensure that the technical teams have the evidence to prove their controls are in place and, where they are not, to work with the stakeholders and the technical teams to get them in place.
- Lead and oversee a varied and complex regulatory compliance program covering multiple domains and disciplines.
- Manage stakeholder expectations and partner with stakeholders to ensure management of IT risks and compliance.
- Maintain regional and local stakeholder relationships, meeting schedules, minutes, RACI and partnering accountability.
- Lead and effectively manage compliance audits and coordinate with the stakeholder IT Platform Services and Global Security Services teams in delivering ITGC mandates.
- Maintain, manage and monitor regional and local compliance to the internal control frameworks such as the IT Risk Standards, Internal Controls Framework, SOX, HIPAA, PCI, GDPR, SOC1 and SOC2 regulatory / legal and other obligations / requirements.
- Appropriately analyze ITGC findings and participate in remediation of issues with control owners / assurance partners.
- Provide support to control owners in using the Evidence Repository (i.e. Archer).
- Provide support for policy/standards exceptions, report status to regional and local management, and advise on corrective actions.
- Prepare presentations for stakeholders and senior leadership.
- Understanding of risk and risk assessments.
- Lead a team of IT Audit and Compliance professionals.
- Compliance or auditing experience for a minimum of two of the following regulations: SOX, HIPAA, PCI, GDPR, SOC1 and SOC2.
- Detailed knowledge of ITGC and auditing principles.
- Minimum of 15-20 years working in the area of ITGC compliance or auditing.
- Knowledge of controls manifestation in large global corporations with regional and local presence is required.
- Good understanding of the coordination and facilitation role.
- Ability to investigate, question and interpret internal and external IT audit and compliance issues is required.
- Prior experience in audit, risk management, governance, IT security and compliance functions.
- Knowledge of information risk concepts and practices required.
- Good understanding of technology is required.
- Experience of working across business units and geographical boundaries to engage IT, business and team members is required.
- Proven experience dealing with ambiguous situations, and producing a consistent result with varied input.
- Project management experience to manage multiple compliance audits at one time.
- Strong ethos and spotless record.
- CISA, CIA, CISSP, CISM, ITIL and/or COBIT
- Bachelor's degree in Computer Science or equivalent experience required
- Master’s degree desirable
- The best medical cover on the market with free dental care
- Generous benefits package for your wellbeing (multisport cards, insurance, vouchers, and many more!)
- Stability of employment and permanent contract after trial period
- Brand new office supporting collaboration, flexibility and activity based working
- Internal career opportunities and individual development plan
- Unique workplace culture - we value openness, honesty and authenticity, so don’t expect a formal dress code or managers hidden behind closed doors
- Lots of social events, charity actions and opportunities to integrate with colleagues
Please attach CV in English only.