Imagine your career taking you to the depths of innovation and the heights of impact. Our people enable continuous progress. Their commitment, collective expertise, and unique capabilities are the engine room behind SBM Offshore's - shaping the future of energy, and beyond.
About Us:
SBM Offshore is the world's deepwater ocean-infrastructure expert. Our work is already resulting in cleaner, more efficient energy production. is our promise to enable that into the future while at the same time using our expertise to support new and existing markets in the blue economy. It starts with Advancing our Core: continuing to advance the decarbonization of traditional energy production. While Pioneering More: helping to enable the energy transition and using our unique capabilities in ocean infrastructure to support more industries to grow sustainably. Sharing our experience for a better blue tomorrow.
Purpose
1. As an IT Internal Control and Risk Specialist, you develop and implement IT control frameworks and risk management strategies. Conduct risk assessments, ensure compliance with regulations, and monitor internal controls. Collaborate with stakeholders to enhance IT security and mitigate risks.
Responsibilities
2. Develop and Implement Control Frameworks:
3. Lead and participate in the development of IT control frameworks and policies to ensure compliance with regulatory requirements and industry standards.
4. Conduct risk assessments and identify areas of improvement in IT processes and systems.
5. Design, implement, and maintain internal controls to safeguard IT assets and ensure the integrity of financial reporting.
6. Monitor and Evaluate IT Controls:
7. Perform regular reviews and testing of IT controls to ensure their effectiveness and adequacy.
8. Identify control deficiencies and recommend appropriate remediation actions.
9. Monitor IT systems and processes for potential risks and vulnerabilities, and implement corrective measures.
10. Collaborate with Stakeholders:
11. Work closely with IT teams, business units, and external auditors to ensure alignment of IT controls with business objectives.
12. Provide guidance and support to IT and business stakeholders on control-related issues and best practices.
13. Collaborate with compliance and risk management teams to ensure integrated risk management across the organization.
14. Reporting and Documentation:
15. Prepare comprehensive reports on the status of IT controls, including findings, recommendations, and remediation plans.
16. Maintain thorough documentation of IT control activities, risk assessments, and audit findings.
17. Ensure all control-related documentation is accurate, up-to-date, and accessible.
18. Training and Awareness:
19. Develop and deliver training programs to increase awareness of IT controls and risk management practices among staff.
20. Foster a culture of continuous improvement and proactive risk management within the IT department.
21. Support Audit Activities:
22. Facilitate internal and external IT audits by providing necessary documentation and support.
23. Ensure timely resolution of audit findings and implementation of audit recommendations.
24. Act as a liaison between auditors and IT teams to ensure clear communication and efficient audit processes.
Education
25. Bachelor's Degree: A bachelor's degree in computer science, information technology, business administration, or a related field is required.
26. Certifications: Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC), or ITIL (Information Technology Infrastructure Library) are preferred.
27. Advanced Degrees: A master's degree in business administration, computer science, or a related field is preferred but not mandatory.
28. Language Proficiency: Proficiency in English is essential for effective communication with team members, stakeholders, and external vendors.
Experience
29. At least 5 years of experience in IT operations, internal controls, risk management, or a related field.
30. Leadership and Managerial Experience: Proven experience in a leadership or managerial role within IT operations or risk management.
31. IT Operations and Risk Management: Demonstrated ability to develop and oversee IT control frameworks, policies, and procedures to ensure compliance with regulatory requirements and industry standards.
32. Technical Skills: Strong technical background with hands-on experience in designing, implementing, and managing IT infrastructure, including servers, networks, storage, and cloud environments.
33. Regulatory Compliance: Experience with compliance standards and frameworks such as ISO 27001, NIST, and GDPR.
34. Audit Support: Proven experience in supporting internal and external IT audits, including preparing documentation and addressing audit findings.
35. Analytical and Problem-Solving Skills: Strong analytical skills and the ability to identify, assess, and mitigate IT risks effectively.
36. Communication Skills: Excellent communication and interpersonal skills with the ability to liaise effectively with stakeholders at all levels of the organization.
37. Certifications: Relevant certifications such as CISA, CISSP, CRISC, or ITIL are preferred.
38. Team Leadership: Strong leadership and team-building skills, with the ability to mentor and guide technical staff to achieve performance goals and objectives.
Functional Competencies
ComplianceGovernance, Risk and ControlAnalytics and reportingDigital savvyIncident ManagementInternal Audit DeliveryRisk ManagementTechnical Data Management - Technical Data Management