Internal Auditor

Summary

Join lastminute.com's Internal Audit team in Lisbon, Portugal as a remote worker. This permanent, full-time position requires 2-4 years of experience in IT/Cybersecurity or Internal Controls audit. You will assist the Head of Internal Audit in planning and executing the annual audit plan, lead audit engagements, and develop recommendations for process improvements. The role involves collaborating with internal and external stakeholders, preparing reports, and monitoring the implementation of recommendations. A Bachelor's or Master's degree in a relevant field and excellent English communication skills are required. The company offers a shorter working week, flexible hours, and various professional development opportunities.

Requirements

• Experience : 2-4 years of experience in either IT/Cybersecurity audit or Internal Controls audit
• Bachelor's or Master's degree in Finance, Business Administration, Information Systems Engineering or a related field
• English (mandatory): Excellent written and spoken language skills

Responsibilities

• Assist the Head of Internal Audit in planning and executing the approved risk-based annual audit plan
• Assist the Head of Internal Audit in preparing ad-hoc presentations and drafting meeting minutes related to the Audit Committee
• Lead and independently execute end-to-end internal audit engagements, ensuring timely and high-quality delivery
• Coordinate and oversee external consultants, if engaged, in the execution of internal audit engagements, to ensure alignment with internal audit methodologies and objectives
• Develop a deep understanding of business processes within the audit scope, identifying key risks and controls
• Conduct kick-off meetings with auditees to clearly communicate the audit scope, objectives, and key steps of the audit process
• Obtain, analyse and evaluate audit evidence, ensuring that audit findings are supported by well-documented conclusions
• Identify and communicate audit findings identified, proposing practical and value-added recommendations to address control weaknesses and/or process improvements
• Prepare formal audit reports to effectively communicate findings and recommendations emerged during the audit activities conducted
• Lead closing meetings with auditees at the end of fieldwork activities, providing clear, constructive feedback on audit findings and recommendations
• Monitor and assess the implementation status of audit recommendations, ensuring that agreed-upon corrective actions are effectively executed within the defined timeline
• Support the continuous improvement of the Internal Audit function, contributing to risk assessments and control evaluations that enhance governance, risk management, and internal controls
• Develop and maintain effective and professional working relationships with all levels of management within the organization
• Assist in ad-hoc projects and special investigations, as required by senior management or regulatory bodies

Preferred Qualifications

• IT & Cybersecurity Focus : Experience in IT audits, cybersecurity risks, IT general controls (ITGCs) and data protection. Familiarity with frameworks such as NIST, COBIT and CIS Controls is a plus
• Internal Controls Focus : Strong knowledge of internal control frameworks (e.g., COSO, SOX compliance, risk-based auditing, process and financial controls)
• Other languages: appreciated but not required

Benefits

• An inclusive, friendly, and international environment (you’ll be working with colleagues from +10 countries and over 48 nationalities)
• Shorter working week (36h as full time), with a half working day on Fridays
• Flexible start and end of the working day
• Possibility to work from anywhere for a period of time per year defined according to local regulations
• Fri-Yays: half a day on Friday morning with a no-meeting mandate and dedicated to deep work, personal growth, learning and training and/or focus time
• Professional and managerial skills development training paths, access to e-learning platforms such as O’reilly, Udemy, Coursera (depending on the department), and to our internal platform offering bespoke training content
• 2 paid days off per year for volunteering purposes
• Occasional social events to foster connections among colleagues
• Travel industry discounts and flash exclusive staff fares
• We support our employees through life's significant moments with leave options (e.g parental responsibilities, marriages, bereavements, relocations, etc.) in line with local laws