DIRECTLY REPORTS TO

Chief People and Customer Officer

MAIN AREA OF RESPONSIBILITY:
The primary responsibility of the  Audit and Compliance Lead is to add value and improve our operations by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. He/she will be responsible also for the development, dissemination, and implementation of internal audit, risk management, and compliance-related standards, policies, and procedures.

TASKS:

• Reports to the Chief People and Customer Officer and to the Audit & Risk Committee
• Responsible for preparing and administering the audit plan, monitoring audit performance, and Audit & Compliance Department roadmap
• Design, develop and lead the execution of internal audits, including IT/IS Audit, in conformance with the ISPPIA and with ISO 19011 and ISO 27006 
• Reviews business processes, evaluate the efficacy of risk management procedures that are currently in place and creates a compliance system that effectively addresses organizational needs
• Manages daily operation of the Audit & Compliance department
• Advise internal management or business partners on the implementation or operation of risk management and compliance programs
• Design or implement improvements in communication, monitoring, or enforcement of compliance with Information Security Management System and Data Privacy policies.
• Verify that all key controls, policies, and procedures have been documented, implemented, and communicated;
• Perform and control the full audit cycle including risk management and control management over operations’ effectiveness, financial reliability, and compliance with all applicable directives and regulations
• Perform other duties appropriate for this position as assigned

QUALIFICATIONS | COMPETENCIES:

• At least 3 years of proven experience in internal audit, risk management, and compliance review with the Data Privacy Act of 2012, ISO 27001, and other key regulatory requirements
• Has ISO 27001 certification relevant to the role
• Strong understanding of auditing standards and applicable laws and regulations
• Previous exposure to and understanding of ISO 27001 Information Security Management System certification audits and/or with other ISO Management Systems
• Understanding of Risk Management principles and practices, including IT and/or information security risk management
• Aware of key cyber security and data protection/privacy compliance requirements, laws, and/or standards (e.g., GDPR, NIST, PCI-DSS)
• Ability to manipulate and analyze large amounts of data and compile detailed reports
• Has strong attention to detail, analytical, and statistical skills.
• Ability to use sound judgment including maintaining the confidentiality

Sprout Solutions provides equal Opportunity Employment and Welcomes applications from all sectors of the society. Discrimination on the basis of race, religion, age, nationality, ethnicity, gender, citizenship, civil partnership status, or any other grounds as protected by law.

Disclaimer

Before we proceed with your application, this is to confirm that you voluntarily give your consent to the following:

• I intend to apply for a position with Sprout Solutions Inc. 
• I voluntarily sent my Resume/CV to Sprout Solutions Inc. 
• I agree to give my consent to my personal and sensitive Information for facilitating my application with Sprout Solutions Inc., In accordance with Sprout Solutions Inc. Privacy Statement and the Data Privacy Act of 2012. 
• I agree to be contacted by Sprout Solutions Inc. and its 3rd Party Reference provider for the purpose of processing my Job Application.