Group IT Audit Manager – North America

Job Description

Compass Group is a FTSE 20 and Fortune Global 500 company.  We’re the people behind the food, hospitality and support services that power your day, make you smile and put a spring in your step. That’s just one of the reasons why we’re the World’s leading contract catering, hospitality, and business support services provider.  We operate in all major sectors and industries including education, business, healthcare, government & defense, sport & leisure, offshore and hospitality.  From outstanding restaurant and dining experiences in amazing venues and stadiums to feeding thousands of students, patients, workers, and military personnel, we deliver warm welcomes, clean buildings and safe environments.  

This role will be based in our Charlotte, NC office and will report directly to the Group Head of IT Audit and dotting into the Sr. Director of Global Audit Services – North America.  Working closely with the North America senior leadership teams, this role will be responsible for developing and delivering the IT audit plan for North America and providing support and thought leadership on IT risks and controls.  Overnight travel is anticipated to be 15-20%.  

Job Summary

Responsibilities 

• Develop and deliver the North American IT audit and assurance strategy and risk based internal audit plan.
• Develop and maintain the North America IT audit universe. 
• Plan and deliver IT internal audits including reviews of cybersecurity, existing production systems, software development lifecycle, technology infrastructure and specialized or emerging technologies including AI.  
• Draft high-quality internal audit reports with concise and practical recommendations.
• Develop strong working relationships with the management teams and stakeholders. 
• Provide thought leadership in the areas of cybersecurity risk, IT general controls, and assurance over significant IT change.
• Continuous improvement of internal audit methodology.

Skills and capabilities

• Proactive self-starter with the ability to lead, work independently and engage with teams at all levels in the organization.
• Demonstrated ability to think holistically about IT risks in the context of overall business risks.
• Technically competent and confident in delivering information security audits as well as audits across the technology stack, for example at the infrastructure, network and application layer. SAP experience a plus.
• Strong analytical skills, with strong risk awareness and understanding of processes and controls. Data analytics experience beneficial.
• Commercially competent and ambitious.
• Ability to translate and communicate technical or complex ideas in a simple and concise manner.
• Excellent verbal and written communication skills are essential, with the ability to influence at all levels, as is the ability to function effectively in teams.

Education and experience

• CISA qualified. Other qualifications related to IT audit and security such as CISSP, CRISC beneficial.
• Minimum 8+ years of IT audit experience working within an internal audit department for large organisations and/or IT assurance in a major accounting firm.
• Strong knowledge of Internal Auditing Standards, PCAOB Standards, SOX, COSO, and referential frameworks such as COBIT, NIST, ITIL, etc.
• Good working knowledge of SAP is desirable.
• Ability to communicate effectively with technical and non-technical audiences
• Experience in a consumer-focused business would be advantageous. Fortune 500 experience preferred.
• Experience in delivering integrated audits desirable.
• Excellent PC Skills (Word, Excel, Access, PowerPoint, Visio, Electronic audit work papers, etc.).