We are seeking a highly skilled and motivated Senior IT Auditor to join our team in Krakow, Poland. As a Senior IT Auditor at Aon, you will play a critical role in assessing and improving our IT control environment, supporting business unit, cybersecurity, and IT management. Our office is located in Krakow and we offer a 50/50 hybrid working model.
responsibilities :
Support Regional/Functional Internal Audit Directors in assessing key IT risks and controls and developing risk-based audit plans responsive to audit priorities and emerging risk activities.
Execute IT assurance and advisory projects included in the annual audit plan within budgeted timeframes and in line with professional and departmental standards.
Assess the adequacy of the company’s IT internal control environment and communicate audit findings and recommendations to improve the overall effectiveness of the internal controls.
Prepare IT audit findings and recommendations for integrated audit findings and prepare reports on the condition of the company’s internal IT control environment.
Monitor the status of management corrective action plans to verify that control issues are addressed, update relevant management reports, and verify the remediation of IT audit findings.
Establish and maintain working relationships with stakeholders across business unit, cybersecurity, and IT management.
Oversee external professional service providers and Internal Audit staff assigned to IT-related duties.
Participate in departmental and corporate initiatives as well as ad-hoc special projects.
requirements-expected :
Minimum 4 years of IT audit or comparable experience with a large multi-national financial service or Big 4 firm.
Bachelor’s degree in information technology or related disciplines, including Accounting or Finance with substantial IT studies.
Professional designations/certifications such as Certified Information Systems Auditor (CISA), Certified in Risks and Information Systems Control (CRISC), and other relevant IT audit, risk management, or information security certifications.
Deep understanding of IT general controls, application controls, cybersecurity principles, and regulatory frameworks (e.g., NIST, COBIT, ISO 27001, SOX, GDPR).
Skilled in data analytics tools (e.g., Power BI, Tableau, Python, SQL), robotic process automation (e.g., Power Automate), and AI/ML basics (e.g., model governance, bias, explainability).
Familiar with cloud platforms (AWS, Azure, GCP), containerization (e.g., Docker), and APIs to audit complex, modern IT environments.
Utilizes agile methodologies in audit planning and execution, demonstrating the ability to swiftly adapt to evolving business and technological risks.
Exhibits a curious and solutions-driven approach, not only identifying control deficiencies but also suggesting practical, technology-enabled enhancements to address them.
Demonstrates exceptional communication skills by translating technical findings into business impacts.
Excels in collaboration by building strong partnerships across business unit, cybersecurity, and IT management.
