Senior Internal Auditor - IT and Operational Audit
Location: Flexible (Hybrid – 3 days from office)
Department: Risk, Audit & Assurance
Job type: Permanent

Join us and make a difference when it matters most!
We are committed to strengthening risk management, safeguarding data, and enhancing operational resilience. This role offers the opportunity to shape audit strategies and partner with the business to ensure robust controls across IT, data, and operational risk landscapes.

The Team
This role sits within the Risk & Audit function and works closely with IT, Finance, Operations, and senior leadership teams. The position plays a key role in strengthening governance, ensuring regulatory compliance, and supporting enterprise risk resilience.

Role and Responsibilities
IT Audits

• Support the development and delivery of the annual IT and data risk audit plan.
• Plan and execute IT audits across key areas including: IT system implementations, Cybersecurity and IT resilience, Artificial Intelligence, IT General Controls (ITGCs), IT governance frameworks, and Critical third-party/vendor risk assessments.
• Assess compliance with relevant regulations and standards, including EU AI Act, NIS2, and GDPR.
• Identify system vulnerabilities and control gaps, providing actionable recommendations to mitigate risks.
• Ensure timely and robust follow-up of audit findings and remediation actions.

Operational Audits

• Plan, lead, and deliver operational audits across areas such as: Manufacturing and production processes, Security and access controls, Data privacy, and Back-office and support functions.
• Provide insights to improve efficiency, strengthen controls, and reduce operational risks.
• Monitor and track implementation of agreed audit actions.

Risk Resilience

• Support implementation of a risk preparedness and resilience framework across the organisation.
• Assist in identifying, documenting, and assessing functional risks, ensuring appropriate mitigating controls are defined and embedded.
• Partner proactively with IT and business stakeholders to enhance governance over key risk areas, including: Cybersecurity, IT disaster recovery and business continuity, and Artificial Intelligence risk management.
• Promote a risk-aware culture and continuous improvement in risk management practices.

What you’ll bring

• Experience in IT audit, risk management, or internal audit within a complex organisation.
• Strong understanding of IT risk domains, including cybersecurity, data governance, and IT controls.
• Knowledge of relevant regulatory frameworks (e.g., GDPR, NIS2, EU AI Act) is preferred.
• Proven ability to plan and execute audits independently and deliver high-quality insights.
• Strong analytical, problem-solving, and stakeholder management skills.
• Ability to influence and collaborate with cross-functional teams.
• Professional certifications (e.g., CISA, CRISC, CIA, or equivalent) are advantageous.
• Fluent in English, both written and spoken.

What we offer in return

• Flexible benefits package
• Opportunities for learning and professional development
• Collaborative and inclusive working environment
• Full ownership of the project

Diversity and inclusion: We are committed to creating an inclusive workplace where everyone feels valued, respected, and empowered to reach their full potential.

About Us
Mundipharma is a global healthcare company with a presence across Africa, Asia Pacific, Canada, Europe, Latin America, and the Middle East. Mundipharma is dedicated to bringing innovative treatments to patients in the areas of Pain Management, Infectious Disease and Consumer Healthcare as well as other severe and debilitating disease areas. Our guiding principles, centered around Integrity and Patient-Centricity, are at the heart of everything we do.