Internal IT Audit Manager

Internal IT Audit Manager

The Internal Audit team is looking for an IT Audit Manager to conduct audits in the areas of IT, information security (IS), and business continuity, both at the overall Yandex level and for individual business units and services.

What tasks await you

Participate in the annual planning of IT and IS audits You will be responsible for assessing current threats and risks in the areas of IT, IS, and business continuity, and participating in identifying priority areas requiring internal audit.

Conduct audits of IT and IS processes based on a risk-oriented approach You will develop and execute audit programs based on the assessment of the current risk landscape and the actual design of business processes, develop recommendations for addressing deficiencies, reducing risks, and optimizing business processes, and prepare and coordinate audit reports with management.

Participate in the continuous improvement of internal audit approaches You will participate in developing and updating the internal audit methodology regarding IT and IS, as well as in implementing automation tools for audit tests.

Provide expert support on IT and IS issues You will be required to ensure interaction with external auditors and the second line of defense on IT process issues, and support operational and financial audit teams in assessing the effectiveness of IT controls.

We expect that you

• Have a higher education degree in a technical field
• Have at least five years of experience in IT audit in large companies
• Are knowledgeable in international standards and regulatory requirements in IT and IS: COBIT, ITIL, ISO, DAMA-DMBoK, Federal Law-152, GOST 57580
• Have participated in conducting audits of IT and IS processes based on a risk-oriented approach and have used the COSO methodology in practice

Will be a plus

• Have worked in a SOC, development units, IT operations, or in implementing DevSecOps practices
• Have a CISA certification or equivalent