IT & Data Internal Auditor

FulltimeAntwerp

CMB.TECH is a diversified and future-proof maritime group committed to decarbonising the shipping industry. At CMB.TECH, we believe in hydrogen for small ships and ammonia for large ships, ensuring we stay at the forefront of green innovation. Here, you’ll get more than just a job title – you’ll be part of a team dedicated to creating a better and more sustainable maritime industry.

To strengthen the Internal Audit Team, we are currently looking for a highly skilled and dynamic IT & Data Internal Auditor.

What are we looking for?

The role focuses on independently assessing the organisation’s IT systems, cybersecurity environment, data management practices, and compliance with legal and regulatory standards, including SOX/ICFR requirements. You will work closely with three other internal auditors and report to the Head of Internal Audit, collaborating across departments to ensure robust IT risk management and data integrity across CMB.TECH.

Responsibilities

Plan, execute, and document independent IT and data audits, including reviews of cybersecurity frameworks, IT general controls (ITGCs), IT application controls (ITACs), IT entity-level controls (IT ELCs), infrastructure resilience, and data governance;
Identify, assess, and report on IT risks, control deficiencies, and areas for operational improvement;
Evaluate the effectiveness of IT governance, risk management, and control frameworks (COSO, COBIT) and recommend improvements;
Perform data analytics to enhance audit effectiveness and provide assurance over data completeness, accuracy, and security;
Support integrated audits by working closely with the financial audit team, contributing IT and data expertise to broader internal control reviews (aligning with SOX/ICFR);
Collaborate with IT Security, Compliance, Risk Management, and Business Units to promote integration of IT and data controls into the company's overall risk management framework;
Prepare and present clear, concise, and impactful audit reports to management, ensuring findings and recommendations are actionable and tracked to closure;
Facilitate coordination with external auditors regarding IT audit aspects, documentation requirements, and remediation tracking;
Assist the Head of Internal Audit in developing the annual risk-based audit plan and scoping IT-related engagements;
Stay informed of evolving cybersecurity threats, regulatory developments (e.g., GDPR, NIS2 Directive), and industry best practices impacting IT controls.

What do you bring?

Formal education: Bachelor’s or Master’s degree in Computer Science, Information Technology, Information Security, Management Information Systems, or related fields;
You have a minimum of 3 years of relevant experience in IT auditing, IT risk management, cybersecurity, IT governance, or IT control implementation;
Languages: proficiency in English (both spoken and written) is a must. Other languages are considered an asset;
Strong understanding of ERP systems (e.g. Oracle NetSuite, SAP) and data environments; hands-on experience with data analytics tools (e.g. SQL, Python, R) is a plus;
Solid knowledge of IT internal control frameworks, such as COSO, COBIT, ISO 27001, and familiarity with SOX/ICFR principles;
Good knowledge of data privacy and cybersecurity regulations (GDPR, NIS2) and IT risk standards;
Ability to clearly explain technical concepts and IT control findings to non-technical stakeholders;
Strong critical thinking, organisational, and communication skills, with the ability to work independently and in a team environment;
Professional certifications such as CISA, CISSP, CIA, or equivalent are considered an advantage.

If you have a passion for both IT and auditing, we invite you to apply for this exciting opportunity. Join our team and contribute to the success of a dynamic and growing organisation.

Applicants can find the recruitment privacy statement via this link. This privacy statement explains why we require your personal data and how we collect, use, and protect your personal data during the hiring process.