The IS/IT Internal Auditor is responsible for supporting risk-based IT Security and Cybersecurity audits, along with contributing to IT SOX (Sarbanes-Oxley) control testing.
This role is designed for professionals looking to build expertise in cybersecurity risk, IT controls, and audit practices, with hands-on exposure to security assessments, infrastructure controls, and compliance testing. The individual will report to the Internal Audit Director and work under the guidance of Audit Lead while supporting global audit engagements.
Responsibilities- Support execution of IT security and cybersecurity audits across systems, infrastructure, and applications
- Assist in evaluating controls related to: Identity & Access Management (IAM) (user provisioning, privileged access), Network security (firewalls, segmentation, configurations), Vulnerability management and patching processes, Logging, monitoring, and incident response controls and data protection (encryption, backup, recovery)
- Perform testing procedures to identify control gaps and document observations
- Support risk assessment activities by identifying potential cybersecurity risks and exposures
- Execute IT SOX control testing (SOX 404), including: IT General Controls (ITGCs): access, change management, IT operations, perform walkthroughs, collect evidence, and validate control effectiveness
- Prepare documentation aligned with Nokia standards and support tracking and validation of remediation actions
- Audit Execution Support - Support audit lifecycle activities like planning (process understanding, walkthrough support), fieldwork (control testing, evidence validation), reporting (draft observations, documentation support), follow audit programs and guidance from senior auditors
- Documentation & Quality - Prepare high-quality audit workpapers with clear linkage between Risks, Controls, Testing procedures, Conclusions and ensure compliance with internal audit documentation standards
- Coordinate with IT and control owners to request audit evidence, Clarify system processes and controls, and escalate issues or delays to senior team members in a timely manner
- Data Analytics & Continuous Improvement (Exposure) - Support use of data analytics tools (Excel, Power BI) for audit testing, participate in initiatives to enhance automation in IT audits and SOX testing
Must Have
- Bachelor’s degree in information technology, Computer Science, MIS or related field with 2+ years of experience in: IT Internal/External Audit OR IT Security / IT Operations with control exposure OR IT SOX / ITGC testing
Basic understanding of IT Security principles (IAM, network security, patching) and
IT General Controls (ITGCs)
- Familiarity with enterprise systems (e.g., SAP) is a plus
Good to Have
- Exposure to Cybersecurity frameworks (NIST, ISO 27001), Cloud environments (AWS, Azure)
- Certifications (or pursuing) - CISA, Security+, CEH or equivalent
Understanding of audit frameworks such as COBIT
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world.
Our recruitment process
We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.
If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.
The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia.
- Flexible and hybrid working schemes
- A minimum of 90 days of Maternity and Paternity Leave, with the option to return to work within a year following the birth or adoption of a child (based on eligibility)
- Life insurance to all employees to provide peace of mind and financial security
- Well-being programs to support your mental and physical health
- Opportunities to join and receive support from Nokia Employee Resource Groups (NERGs)
- Employee Growth Solutions to support your personalized career & skills development
- Diverse pool of Coaches & Mentors to whom you have easy access
- A learning environment which promotes personal growth and professional development - for your role and beyond
