Skyscanner

About the role

Skyscanner is part of Trip.com Group Limited (Nasdaq: TCOM). We are the leading one-stop travel service provider and one of the largest travel companies in the world.

We are looking for a motivated IT Internal Audit Manager -who is passionate about delivering IT, operational assurance and advisory services to Skyscanner. The position will be responsible for executing both SOX Compliance & Internal Audit activities. You should be highly organised, thrive in a fast-paced environment and be able to work independently within a team. This position ensures internal control measures are in place, company policies and procedures are followed and external regulations are met.

As an Individual Contributor, reporting to the Internal Audit Director, This is a specialist role where you will be given the opportunity and autonomy to make a real impact across the org with a particular focus on Engineering

What are we looking for ? 

Education

• Bachelor’s degree, preferably in Information Technology / Computer Science / Finance / Engineering or related field
• ICAS/ACCA/CISA/CISSP is desirable 

Experience

• 3-5 years of experience at a Big 4 or Internal Audit function
• Solid understanding of IT internal controls, SOX Compliance and systems architecture
• IT domain experience, e.g. information and cyber security, cloud and SaaS systems (e.g. AWS), application controls, change management, agile and waterfall development, networking, database management
• Identity and access management and resilience and disaster recovery planning
• IT frameworks experience such as CoBIT, NIST Cybersecurity and ITIL 4
• Experience in risk management and Workday would be an advantage

Knowledge and Skills

• Self-directed – performs the audit activities with minimal guidance
• Demonstrable experience in areas of application, user access, configuration, organisational change and segregation of duties
• Ability to identify, assess, and prioritise IT risks inherent in the organization's operations and IT environment. Knowledge of risk management principles, frameworks, and techniques to mitigate risks effectively (e.g. COSO, COBIT, PCAOB and SEC)
• Understanding of relevant laws, regulations, and industry standards related to IT security and data privacy, such as GDPR, PCI DSS, and SOX (Sarbanes-Oxley Act) to ensure Skyscanner IT practices comply
• Proficiency in audit methodologies, including risk assessment, control evaluation, testing procedures, and documentation standards
• Familiarity with internal audit standards such as IIA (Institute of Internal Auditors) standards.
• Affinity with services including Java, Python, JavaScript, , AWS, Jira, Confluence, Workday
• Strong written and verbal communication skills to effectively convey audit findings, recommendations, and reports to stakeholders at various levels 
• Ability to translate technical concepts into non-technical language for management understanding.
• Capability to analyse complex IT systems, processes, and data to identify weaknesses, inefficiencies, and areas for improvement. Critical thinking and problem-solving skills are essential for effective audit planning and execution.
• Proficiency in project management methodologies to plan, coordinate, and execute IT audit projects within established timelines and budgets. Ability to prioritise tasks, manage resources, and adapt to changing priorities.
• Demonstrate analytical and data-related skills, linking into Smart Auditing and providing unique insights back to the business
• Outstanding interpersonal and communication skills, including the ability to discuss technical concepts to all stakeholders, particularly within engineering with simplicity 
• Ability to build and maintain positive working relationships with stakeholders, including IT staff, management, external auditors, and regulatory authorities
• Dedication to staying updated on the latest trends, developments, and best practices in IT auditing, cybersecurity, and technology
• Flexibility to adapt to changes in technology, regulations, organisational priorities, and business environments
• Being proactive in addressing emerging risks and challenges in the IT landscapes
• A passion for understanding our travellers and serving their needs, with a vision to build opportunities for us to continue serving at scale
• Be willing to travel