IT Auditor

Why IAG GBS?



IAG GBS (Global Business Services) is part of International Airlines Group, one of the world’s leading airline groups, with 546 aircraft flying to over 270 destinations, carrying more than 100 million passengers each year.



IAG GBS provides a plug and play platform of scalable, best in class procurement, finance and IT business services to IAG’s operating companies which include Aer Lingus, British Airways, IAG, IAG Cargo, IAG Loyalty, Iberia, Iberia Express, LEVEL and Vueling.



The company is headquartered in Krakow, and has operations in London, Madrid, Barcelona and Dublin.

Purpose of the role

• Delivering IT audits across the IAG entities to provide assurance over the adequacy and effectiveness of IT related controls.
• Supporting and monitoring line management in IAG entities to take prompt and effective action to address control weaknesses.

Accountabilities

• Involvement in all stages of the audit lifecycle including planning, developing the scope, identifying key risks, developing and completing test programs, agreeing weaknesses and proposed actions with key stakeholders and documenting these for inclusion in the report.
• Carry out audit work under supervision of Internal Audit Managers, delivering clearly documented conclusions to agreed timescales and addressing, where relevant, risks of fraud, system failure, financial loss and reputational damage due to inadequate controls.
• Draft clear and concise audit reports, including supporting management to develop remedial actions for identified weaknesses.
• Carry out IT General Controls (ITGCs) reviews as part of Internal Control Over Financial Reporting (ICFR) testing, including detailed testing across all relevant IT processes and entities, reporting findings to key stakeholders and external auditors and ensuring resulting actions are followed up.
• Support business auditors by testing both application and IT dependent-manual controls.
• Provide assurance over the controls surrounding delivery of significant business projects, including IT projects and programmes.
• Able to act as a deputy for the IT Audit Manager as required.

Key Relationships / Interfaces

• Heads of Audit (UK/Ireland and Spain).
• Audit Managers (UK/Ireland and Spain).
• Managers of areas subject to audit.

Required Skills, Qualifications & Experience

• Educated to degree level.
• Proven experience in IT audit, which should be recently gained (minimum of 3-4 years of experience).
• An understanding of IT control and risk management principles, cybersecurity, cloud computing concepts, technologies and system development life cycle methodologies.
• A sound understanding of operating system, databases, web and network infrastructures.
• Good level of technical expertise in IT General Controls (ITGCs) and IT Application controls (ITACs).
• Experience with ICFR or SOX 404 audits.
• Ability to comprehend, write and speak English in a business environment (Spanish will be an advantage).
• Experience of working in a complex and sophisticated systems environment.
• Ability to assist non-technical audit colleagues in understanding technology risk and controls.

Other Desirable Qualifications

• Certified Information System Auditor (CISA).
• IT related qualifications (e.g. CISSP, ITIL, COBIT foundation, ISO27001 Lead Auditor).
• Project qualifications (e.g. PMP, Scrum SFC, PRINCE 2).
• Experience of the airline industry an advantage.
• Experience in data analytics (e.g. IDEA, Tableau, etc.) will be also an advantage.