Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
More about this role
Role Purpose:
The IS Internal audit manager plays important role in leading Mondelez (MDLZ) IT Internal Audit process and driving collaboration with the IS and business functions to identify improvements in IT internal control environment its compliance Mondelez IT standards, Sarbanes Oxley regulatory compliance requirements and leading practices.
For Internal Audit, the role has responsibility to lead MDLZ Global IT internal audit agenda which includes particularly the following:
Conduct regular risk assessment to identify key IT and Cybersecurity risk areas and ensure those are appropriately covered in the annual IT audit plan.
Lead design and implementation of internal audit processes and solutions for continuous monitoring of IT and Cybersecurity risks and controls leveraging data analytics techniques.
Lead development of MDLZ audit approach/methodology/workplans for risk assessment and auditing new emerging risks areas which intersect with IT, cybersecurity or technologies (e.g. Cloud, Agile development, E-Commerce, Social Media, ESG,)
Lead building Internal Audit’s IT and Cybersecurity subject matter expert hubs
Work with co-sourcing partners to enable effective resourcing of audits with the right skillsets and talents.
Lead Internal Audit IT assessments at MDLZ ventures and acquired businesses to provide assurance on adoption of MDLZ security controls and standards in the entities.
Lead and manage end to end audit cycle process for MDLZ IT and Cybersecurity audits and advisory reviews (planning, execution, reporting) following risk-based audit approach in conjunction with in-charge (Lead Audit Senior) to adequately address all significant business and audit risks.
Manage the functional budgets relating to individual Internal Audits (with co-sourcing partner.
Ensure that all audit work is thorough, complete, and has been performed in accordance with MDLZ IA SLAs/KPIs, IIA standards, MDLZ Internal Audit standards and other relevant industry standards (ISO/ITIL, etc.) depending on focus area of the review.
Ensure that Business and IT risks / opportunities (including cost saving and business opportunities) are promptly and accurately identified and communicated to senior management and external auditors.
Build strong working relationships with MDLZ IS leadership and their respective teams.
Performance Measures / KPIs:
Current and Emerging IT & Cyber Risk Identification and their addressing in IA plan:
Design and Implement a data driven process and solutions for continuous monitoring of IT & Cyber-risks
Develop methodology for Risk Assessment and Audit Execution for Emerging IT & Cyber Related Risks
Working solution providing inputs for annual risk assessment as well as ad-hoc risk re-assessment
Timely identification and evaluation of the emerging risks with analysis of their potential impact on MDLZ
Internal Audit Risk assessment:
Conduct regular formal risk assessment across MDLZ functions and Ventures to design the IT IA plan
Annual IT Audit plan / scope supported by risk-based arguments in line with quality and value measures/KPIs for delivery of the IT audit plan
Internal Audit Delivery:
Deliver IT audit plan - Lead and manage end to end audit cycle process for MDLZ IT audits and advisory reviews.
Ensure that all audit work is thorough, complete, and has been performed in accordance with MDLZ and external standards
Quality and value measures/KPIs for audit execution and reporting
Strong governance over quality and timeliness of IA IT services
Manage 3rd parties:
Manage budgeted spend relating to IA and oversight of co-sourced resources from partners
Develop IT & Cyber SMR hubs with the co-sourcing partner
Budget to actual tracking and reporting
Feedback from auditees on expertise and ways of working of the IA teams meeting defined KPIs
IA results Communication:
Ensure that audit results are effectively communicated to senior management and external auditors.
Build strong working relationships with MDLZ IS leadership and their respective teams.
Management of key stakeholders and influencing all levels of management
Career Experiences Required:
Knowledge/ Technical Work-based Skills
Strong audit and controls background and technical experience.
Strong IT Risk management and Cybersecurity skills (from audit / risk & compliance point of view)
Ability to manage diverse set of stakeholders, ability to deal with ambiguity and to manage conflicts
Learning agility to assess emerging risks and execute audits and controls assessments across diverse functional areas
Excellent interpersonal skills with ability/desire to work in a team-based, customer-focused environment
Strong communication skills to all levels of management
Strong leadership skills; ability to effectively influence all levels of management
General Skills
Strategic Agility
Dealing with Ambiguity
Conflict Management
Decision-making quality
Qualifications & Experience
Technical IS Audit, Cybersecurity and Analytics Expertise
8+ years’ experience in IT Audit/Controls/Cybersecurity Practice
Degree Accounting, Information Systems
IT Audit or Cybersecurity Certification (e.g. CISA, CISSP, Security+, CCSP.)
Strong analytical and conceptual abilities, technical audit expertise
Ability to manage complexity – multiple stakeholders across regions/functions, countries and global
Ability to manage external audit stakeholders and communicate with IS leadership
#ITAudit #InformationTechnologyAudit #ITInternalAudit #Cybersecurity #InformationSecurity #InfoSec #InternalAudit #SarbanesOxley #SOX #RiskManagement #ITRisk #CISA #CISSP #CISM #CRISC
Mondelēz International is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation or preference, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.