IT Audit Manager (Information Security expert)

Location France, France
Experience level Experienced Hire
Job details sector Audit
Apply before Permanent offer

Education and Experience:


Engineer, min. 7 years of IT audit experience or >9 years of IT experience focusing on Information Security




The applicant must:


• Demonstrate a strong expertise and track record of valued Information Security auditing (including penetration testing)


• Be able to manage audits on any other IT domain


• Be passionate of information security and technology (e.g. know how to search for IT related knowledge, attend to IS or IT auditing conferences, etc.)


• Previous experience of IT audit gained while working in an audit firm would be a clear plus


• Show a great ability to listen, a critical mind, a good analytical sense as well as capacity for synthesis


• Ability to build good working relationships with auditees and key stakeholders.


• Be able to work in autonomy


• Be objective and rigorous in his / her approach


• Have good communication skills orally and in writing, ability to convince and to write clear, precise and accurate reports


• Ability to anticipate risks and to take initiatives. Can handle unforeseen changes • Be open-minded and dynamic, ability to work within a multicultural team


• Show good communication skills orally and in writing, ability to convince and to write clear, precise and accurate reports


• Ability to work (i.e. speak and write reports) on a daily basis both in French and in English




• Knowledge of IT audit methodologies as well as IT standards and tools


• Professional certifications like CISA, CISM, CISSP is a plus


• Having published articles or tools related to IT audit or information systems information is a plus


• Third language a plus


• Position based at the Group level in Paris with 20% to 30% of the time spent traveling


Primary mission:


We are looking for an IT Audit Manager expert in Information Security to perform independent reviews of IT domains across the various entities in the scope of the Central IT Audit team.




Internal Audit reviews the effectiveness of the internal control and risk management framework operated within the Group and directs the global internal audit teams to accomplish its objectives of providing independent and objective assurance on the effectiveness of risk management, internal control and governance processes.


The Central IT Audit team is composed of IT auditors and managers covering IT audit matters at Group level and for various entities, including GIE AXA, AXA Investment Managers, AXA Life Invest, AXA Liabilities Managers, AXA Corporate Solutions, AXA Global P&C, AXA Global Life, as well as providing expertise and resources for the Internal Service Providers and the Regional IT audit teams and audits delivery.


Core activities:


• Define, plan, and realise IT audit assignments over all Technology related areas in accordance to our methodology, including assessments related to:


- Information Security


- Business Continuity


- IT Management & Governance


- Project Development & Delivery, Project Portfolio Management


- IT Operations


• Responsible for the audit scope, including the documentation of the key processes and associated controls being reviewed


• Elaborate draft audit report, including the formalisation of added value recommendations on internal controls, operating efficiencies and governance processes being reviewed


• Present audit conclusions to the management of the area audited


• Perform the follow up audit issues and recommendations and monitor management’s action plans progress


• Contribute to the risk assessment and audit planning exercises


• To manage, train and develop IT auditors (one direct report)


• Develop and maintain IT audit work programmes / tools and share knowledge across the IT Audit community


• To contribute to projects aiming to benefit to the global pool of IT auditors