IT Audit and Compliance Officer

. Are you ready to shape tomorrow’s general IT control capabilities together with us?   At Volvo Group we put great value on having an effective and efficient internal control environment. IT general controls are an essential part of the puzzle, rendering high management attention. In this role you will work closely to our application and infrastructure teams to oversee audit activities, interpret findings and recommendations, and facilitate the implementation of controls and improvement activities.  Your team will be Risk, Compliance and Audit (RCA) situated in the Enterprise IT Security Unit. We are a function that orchestrates the identification, assessment, mitigation, and reporting on IT and OT security risks. We assess and monitor compliance towards external and internal security requirements, by overseeing IT related audits and following up on mitigating activities. You’ll be working in a new and ambitious, self-driven and supportive team, where information sharing, and psychological safety are valued. You will report to Head of Compliance and Audit, who will also support you in your professional growth journey.   This is us, your new colleagues We, at Enterprise IT Security, are on a mission to secure the digital journey for the Volvo Group. We work closely together with stakeholders across several Truck Divisions (TDs), Business Areas (BAs), and Group Functions (GFs). While the BAs are responsible for driving the business, the TDs provide research, development, purchasing, manufacturing, and assembly. Within Volvo Group, the GFs own the Group agenda, provide strategic direction, and have global responsibility in group-wide functions such as IT, legal, compliance, and security.  This is how you could make an impact * Your main tasks and responsibilities include:  * Manage and oversee audit activities – including both external and internal audits  * Advice and assist colleagues to interpret audit findings and recommendations  * Coordinate development of Corrective Action Plans for audit findings  * Advice on activities to strengthen control effectiveness  * Facilitate the implementation of controls and improvement activities  * Report and follow up on audit progress, remediation, and mitigation status  * Drive our agenda to continuously improve and automate our controls    To be successful in this job you need to stay on top of the threat and risk landscape, the regulatory environment, our business strategies, emerging technologies and how new technologies and ways of working alter our risk and control posture.  Who are you? You are a motivated person that contributes both to successful completion of our objectives, as well as to the team spirit of EITS. You are well structured with a drive that makes you complete tasks within given timeframes, and you work well both in a team as well as on your own tasks.    Mandatory qualifications:  * Genuine interest and proficiency in technology and information/cyber security  * Master’s/Bachelor's degree in data/system science or equivalent experience  * Effective communicator verbally and in writing in national language and English  * Experience from IT audit and thorough understanding of how the IT audit supports the financial audit process  * Experience from performing IT audits as part of the financial audit  * Good insight in IT General Controls and relevant IT control frameworks   * Possession of, or willingness to earn, relevant certifications, such as CISA, CISSP, etc.  Experience in one or more of the following areas would be advantageous:  * Experience of security testing, risk management or similar  * Thorough understanding of Industry standards such as ISO27000, NIST, CMMC, GDPR, etc.  * Third party risk management, due diligence and assessments/audits  * Utilizing tools to perform effective control testing and continuous audit  * Conducting technology and information security risk assessments  As a member of the RCA team, you shall possess personal attributes to enable acting professionally in accordance with sound principles and be:  * Observant, and actively aware of physical surroundings and activities  * Tenacious, persistent and focused on achieving objectives  * Decisive, and reaches timely conclusions based on logical reasoning and analysis.  Are we the perfect match? Yes, we are if you want to join the journey of building RCA into a high-performing team that have fun at work while delivering great stuff. You contribute with your personality and experience from the IT audit field, and we give you the right context and a great opportunity to grow in a multinational global organization.   We value your data privacy and therefore do not accept applications via mail.