BeschreibungThe IT Compliance Manager & Auditor is responsible for ensuring that INNIO's IT and digital landscape complies with applicable regulatory requirements, internal policies, and recognized industry standards. The role designs, implements, and continuously improves IT compliance and IT governance frameworks that support business scalability, operational resilience, and strategic objectives.This position acts as a key interface between IT, business stakeholders, internal audit, and external auditors, translating regulatory and compliance requirements into practical controls, processes, and improvement initiatives. By proactively monitoring compliance, assessing risks, and investigating deviations, the role safeguards INNIO's information assets and strengthens the integrity, transparency, and effectiveness of the IT control environment.
What INNIO offers you:An innovative and international working environmentFlexible working time model (depending on position and role)Health We Care program – including company sport activitiesMoving cost support for new employees in accordance with policyGood connections to public transport – station in direct proximityTransportation cost support in accordance with policyOne of the best canteens in the area with healthy and various mealsAttractive location in the heart of the Alps with various outdoor sports and leisure possibilitiesYour Responsibilities:Compliance ManagementDesign, implement, and maintain IT compliance programs to ensure adherence to applicable laws, regulations, and standards (e.g. ISO 27001, IEC 62443, NIS2, EU AI Act, and similar frameworks).Continuously monitor changes in IT- and digital-related regulatory requirements and assess their impact on INNIO's systems, processes, and policies.Coordinate closely with impacted internal stakeholders (IT, Digital, Legal, Finance, Engineering, etc.) to introduce, communicate, and embed required changes into the organization.IT General Controls (ITGC) & SOX CompliancePlan, coordinate, and execute ITGC and SOX-related compliance activities in cooperation with external auditors, internal audit, and external consultants.Perform ITGC assessments covering areas such as access management, change management, IT operations, and system development controls.Identify, document, and assess control deficiencies, including root cause analysis and risk impact evaluation.Define, implement, and track remediation actions and compensating controls to address identified deficiencies in a timely manner.Audits, Reviews & Assurance ActivitiesConduct regular internal IT compliance audits, reviews, and risk assessments to evaluate the effectiveness of controls and identify areas of improvement.Serve as a key point of contact for external and internal auditors, supporting audit preparation, execution, and follow-up activities.Develop, manage, and monitor action plans resulting from audit findings, compliance gaps, or regulatory observations.Reporting, Training & Stakeholder EngagementRegularly report compliance status, key risks, audit outcomes, and improvement initiatives to senior management.Develop and deliver training and awareness sessions on IT risk management, compliance obligations, and control responsibilities for IT staff and relevant business functions.Promote a strong culture of compliance, risk awareness, and accountability across the organization.Leadership & Continuous ImprovementManage and mentor members of the IT Governance and Compliance team, fostering professional development and high performance.Define and track relevant service metrics, SLAs, and KPIs related to IT compliance and control effectiveness, driving continuous improvement initiatives.Your Profile:Bachelor's degree in Information Technology, Computer Science, Information Systems, or related fieldMinimum of 5 years' experience in IT compliance, IT audit, IT risk management, or related disciplineHands-on experience with ITGC and SOX compliance in international or complex IT environmentsProven experience working with internal and external auditors, and regulatory bodiesProfessional certifications such as CIA or CISA are highly desirableExcellent analytical, investigative, and problem-solving skills with high attention to detailStrong knowledge of IT governance, risk management, and compliance frameworksAbility to translate regulatory and technical requirements into practical processesStrong communication and stakeholder management skills across technical and non-technical audiencesAbility to manage multiple priorities, meet deadlines, and work independently in a dynamic environmentAt INNIO, we offer an attractive compensation package that is above the collective agreement for the metal industry. Your qualifications and experience will be considered in an open dialogue during the recruiting process to ensure a market-competitive compensation package.