We are actively seeking a Risk and Internal Audit Lead to work with our client who is a leading player in the oil and gas industry.
The Risk and Internal Audit Lead will take on a highly autonomous role, playing a pivotal part in shaping and expanding a dynamic, growing team. In addition to driving internal audit responsibilities, this role will focus on enhancing the company's enterprise risk management (ERM) practices. The position is critical for coordinating with the Audit Manager and collaborating with key team members to strengthen the risk management process and deliver the internal audit plan. Key responsibilities include leading risk assessments, audit planning, execution, and reporting, as well as actively contributing to the continuous improvement of ERM practices at the company.
Job Function:
1. Risk Management
- Advise and challenge the company in identifying, assessing, and managing key business risks, including financial, operational, strategic, compliance, and systems risks.
- Lead the implementation and enhancement of the enterprise risk management (ERM) framework, ensuring alignment with widely recognized frameworks and best practices (e.g., ISO 31000, COSO 2017).
- Lead scenario analysis and stress testing initiatives, helping evaluate the impact of potential risks and support decision-making related to contingency planning and risk mitigation strategies.
- Build and maintain strong collaborative relationships with key stakeholders, promoting, challenging, and embedding risk management practices, while advancing the risk culture agenda across the organization.
- Collaborate with control, operational, and support functions to design and implement risk roadmaps, ensuring effective risk mitigation strategies.
- Oversee the maintenance of Risk Registers, Heat Maps, and Action Plans, ensuring comprehensive risk tracking and accountability throughout the business.
- Facilitate risk reporting to appropriate forums and committees, including senior management and the Audit Committee, providing clear and actionable insights.
- Introduce and support the use of Key Risk Indicators (KRIs) across the business to enhance risk monitoring, providing early warning signals and actionable insights for effective risk management.
2. Internal Audit
- Contribute to the development of the Internal Audit strategy, methodology, and tools, positioning it as an effective third line of defence and a trusted advisor to the business and key stakeholders.
- Collaborate in the creation of the annual risk-based internal audit plan, evaluating the design and operational effectiveness of internal controls across the company.
- Execute the approved annual internal audit plan, including any special tasks or projects requested by the Audit Committee or management.
- Support the implementation of automated business monitoring and data analytics techniques to enhance efficiency in risk management and audit testing.
- Deliver audit findings through clear and concise written reports and oral presentations to the Management Team and the Audit Committee.
- Monitor and review management actions in response to audit findings, ensuring that corrective actions are appropriate, or engaging in further discussions with relevant management and staff as needed.
- Maintain comprehensive audit documentation, including audit procedures, reports, and quality control processes to ensure audit effectiveness and accountability.
- Stay current with the principles, guidance, and best practices of the Institute of Internal Auditors (IIA), continuously applying these to improve audit performance.
Qualification & Experience:
- Recognised Risk, Finance and/or Audit qualification; educated to degree level and relevant professional experience (5+ years), preferably with IT and data analytics skills
- Experience of managing and leading internal audit projects
- Experience with a public accounting firm (Big Four is preferred) and/or corporate industry experience with emphasis on operational, strategic and financial controls and internal audit
- Knowledge of internal audit practices, principles and procedures, and the requirements of the IIA’s International Professional Practices Framework
- Knowledge of COSO 2017 or ISO 31000 Risk Management standard, ERM principles and guidelines and control self-assessment approach for the review of reliable financial reporting, operational efficiency, controls compliance and the IT control environment
- Good written and verbal communication and presentation skills, able to confidently write up issues and reports with minimal oversight
- Experience with the application of data analytics techniques in an audit environment (e.g. Audit Command Language) and the use of data query and data visualization tools such as Power BI is highly desirable
- Professional Oil & Gas or relevant operational experience in an industrial company is beneficial
- Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA) is beneficial.
Behavioural skills:
- People management skills and ability to work in teams
- Ability to understand quickly the business model, the management style and the operations of the company
- Strong project management and planning skills; ability to prioritize tasks to meet deadlines
- Availability to travel worldwide in support of the Internal Audit objectives
- Irreproachable business ethics in all activities
- Proactive, hands-on and able to devise, implement and manage Risk & Controls initiatives and frameworks
- Ability to take direction, learn quickly, work independently, and maintain a level of professional skepticism.