Global IT Audit Senior Manager - Cyber Security & Data Privacy in City of Westminster

In this role, the Global IT Audit Senior Manager - Cyber Security & Data Privacy will oversee complex-level professional IT internal audit work across all Mars segments with particular focus on data privacy and cyber security. Work involves leading IT audit projects; providing consulting services to the organization’s management and staff; and providing key input to development of the risk-based annual internal audit plan.

What are we looking for?

• Successful candidate must have a minimum 8 years of IT audit experience, with at least 5+ years at a “Big 4” accounting or IT consulting firm preferred.
• Expert understanding of key privacy principles such as lawfulness, fairness, and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability.
• Extensive audit related to data privacy is required, covering areas such as DSAR, DPIA, SCC, cross-border data transfers.
• Experience evaluating technical cybersecurity controls including Network configuration and architecture, EDR, vulnerability management, cloud security, and SOC Operation review.
• Expert knowledge of contemporary IT risk management and control techniques and security control frameworks, such as NIST, ISO/IEC 27001, CIS Controls.
• Expert knowledge of Network, API, AI Model and operating system security.
• Working knowledge of Operational Technology related cyber threats.
• Expertise in privacy policies, regulations, privacy or technology law, policy, such as GDPR, CCPA, LGPD, PIPL etc.
• Experience in privacy controls testing, issue management, and remediation.
• Ability to establish and maintain harmonious working relationships with colleagues and external contacts, and to work effectively in a professional team environment.
• Good command of written and spoken English is a must; additional language skills are preferred.
• Exceptional report‑writing ability, with the capability to distil complex technical issues into clear, concise, and actionable insights for diverse audiences.

Key Responsibilities

• Develop the data privacy and cybersecurity audit plan and act as a thought‑partner for the Global IT Audit Associate Director in preparing audit strategy for other technology audit areas to collectively form the annual, risk‑based internal audit plan.
• Provide oversight to the IT Audit Managers responsible for executing cybersecurity, data privacy, emerging technology, and third‑party vendor risk audit projects and consults across the organization, ensuring systems comply with applicable security standards and privacy regulations such as GDPR, CCPA & NIST.
• Build strong partnership with Cybersecurity and Privacy leaders across the business, and their respective teams, seeking input for annual planning and collaborating on audit results and risks.
• Lead the planning, scoping and execution of audit and consulting projects, including guiding the development of new audit work programs in data privacy and cybersecurity.
• Supervise the execution of multiple audit engagements simultaneously, and support execution of highly complex, high‑visibility/impact projects, as needed.
• Support IA risk assessment of cybersecurity and privacy and participate in forums related to the evolution of controls and governance over cybersecurity and emerging technologies.
• Communicate or assist in communicating the results of audit and consulting projects via written reports and oral presentations on a timely basis to senior management.
• Develop and maintain productive team‑oriented relationships within the Internal team and across the organization through individual contacts and group meetings.
• Perform quality reviews over workpapers and reports and ensure timely report completion.
• Coaching and consulting business units, MGS and Corporate on governance, risks and controls.

What can you expect from Mars?

• Work with over 130,000 diverse and talented Associates, all guided by The Five Principles.
• Join a purpose driven company, where we’re striving to build the world we want tomorrow, today.
• Best‑in‑class learning and development support from day one, including access to our in‑house Mars University.
• An industry competitive salary and benefits package, including company bonus.

The base pay range for this position at commencement of employment is between USD 91,318.00 - USD 125,562.00. Base pay offered may vary depending on multiple individualized factors, including but not limited to job-related knowledge, skills, and experience. The total compensation package for this position will include variable pay, medical and dental benefits, participation in 401k plan, and paid time off benefits. Details of participation in these benefit plans will be provided if an applicant receives an offer of employment.