The contex/Company description With its beginnings in a family run pharmacy in Correggio, Italy in the 1920s, Recordati is now a global pharmaceutical force, listed on the Italian stock exchange, with over 4,300 employees.We are a group of like-minded, passionate individuals who go to extraordinary lengths for our partners, customers, investors and the people across the globe who we serve. We develop and commercialise medicines to serve people living with common diseases, as well as those living with some of the rarest, in around 150 countries.At Recordati, our mantra is simple. We've always believed that health, and the opportunity to live life to the fullest, is a right, not a privilege. Whether that is for common diseases or the rarest – we want to give people the opportunity to be the best version of themselves.This drive will never stop. Together, we will always be reimagining tomorrow – with new ideas, new technologies and new innovations to fight diseases.Recordati. Unlocking the full potential of life Your contribution/mission As IT Internal Auditor you will play a critical role in ensuring the integrity, security, and efficiency of the organization's information technology systems and processes. This position involves conducting comprehensive IT audits, assessing the effectiveness of IT controls, identifying risks, and recommending improvements to safeguard the organization's digital assets. You will collaborate with internal audit teams, the Group IT&C Department, and management to enhance IT governance and compliance. As part of your key responsibilities, you will oversee the: Audit Planning: Develop and execute IT audit plans, including risk assessments, objectives, and testing procedures, in alignment with industry standards and best practicesIT Controls Evaluation: Assess the effectiveness of IT controls, configurations, and security measures to identify vulnerabilities and ensure compliance with relevant regulations and standards (NIS2, others).Data Analysis: Analyse data, systems, and processes to detect irregularities, anomalies, or potential security breaches. Investigate and report on findings.IT Governance: Evaluate the organization's IT governance framework, policies, and procedures. Provide recommendations for improving IT governance practices.Cybersecurity Assessment: Conduct cybersecurity assessments, penetration testing, and vulnerability assessment to identify and address security weaknesses.Compliance: Ensure adherence to industry regulations, compliance requirements, and internal policies, including but not limited to GDPR, NIS2, NIST, etc. Reporting: Prepare clear and concise audit reports, including findings, recommendations, and action plans. Present findings to management and stakeholders.Collaboration: Collaborate with internal audit colleagues to integrate IT considerations into broader audit processes and address IT-related matters. Collaborate with the Group IT&C Department, in specific about NIS/NIS2 compliance.Training and Awareness: Develop and deliver IT-related training and awareness programs to enhance the organization's cybersecurity posture and IT awareness among employees. Your profile You have Bachelor's degree in information technology, Computer Science, or a related field and relevant professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Internal Auditor (CIA) preferred. You have 8 years of experience in IT auditing or in IT department (cybersecurity) . Thanks to your experience you have gained strong knowledge of IT governance frameworks (e.g., COBIT), cybersecurity principles, and industry standards (e.g., ISO 27001, NIST, CIS Controls framework) and you are proficient inauditing tools, data analysis software, and IT management systems. Analytical mindset, problem-solving, good communication, independent but collaborative and multitasking are some of your skills. You have strong ethical and professional conduct, with a commitment to confidentiality and data integrity. And you want to stay updated on emerging IT trends, security threats, and regulatory changes. Your English is fluent. Additional information Location: Milan, Italy Direct Manager: Group Auditor Director Travel: This position may require occasional travel (up to 10%) to various company locations for audits or training. #LI-HYBRID #LI-NA1 At Recordati we believe in people! Inspired by our purpose - unlocking the full potential of life - we are committed to creating a diverse environment and cultivating a culture of inclusion. We strive to continually lead with our values and beliefs, enabling our employees to bring their whole selves to work and develop their potential. We are proud to be an equal opportunity employer. We recruit, develop and reward without regard to, amongst others, gender, sexual orientation, gender identity or expression, national origin, age, physical or mental ability, race, ethnicity, political or religious belief. If you are looking to join a company where you can try new things, speak openly, and be bold, we invite you to apply today. #J-18808-Ljbffr
