Cybersecurity Auditor

Stellantis
is a leading global automaker and mobility provider that offers clean, connected, affordable and safe mobility solutions. Our Company's strength lies in the breadth of our iconic brand portfolio, the diversity and passion of our people, and our deep roots in the communities in which we operate. Our ambitious electrification and software strategies and the creation of an innovative ecosystem of strategic, game-changing partnerships are driving our transformation to a sustainable mobility tech company.

The driving force behind us is the diverse and talented group of men and women around the world who bring their passion and experience to their work every day. And while we are a truly global organization, we remain deeply rooted in the communities in which we operate and where our colleagues live and work.

With industrial operations in nearly 30 countries, Stellantis could consistently exceed the evolving needs and expectations of consumers in more than 130 markets, while creating superior value for all stakeholders.

Description:

We are seeking a highly skilled and detail-oriented
Cybersecurity Audit and Compliance Specialist
to join our Information Security team. The successful candidate will be responsible for assessing, evaluating, and auditing the effectiveness of our organization's cybersecurity policies, systems, and controls. They will work closely with the cybersecurity risk manager to map the security controls and compliance framework to the top cybersecurity risks. This role will be responsible for compliance with relevant laws, regulations, and industry standards.

Key responsibilities:

• Review and analyse cybersecurity policies, procedures, and standards to ensure they align with best practices and compliance requirements
• Monitor and ensure alignment and compliance with cybersecurity regulations (e.g., NIS2, SOX, GDPR…)
• Conduct regular audits and assessments of IT systems, networks, and security controls to identify vulnerabilities and areas of improvement.
• Perform risk assessments to identify potential threats and weaknesses in the organization's information systems and infrastructure.
• Assess security controls, measuring their maturity against CMMI scoring.
• Prepare comprehensive audit reports with clear documentation of findings, including identified risks and recommendations for remediation.
• Provide support for external audits and regulatory inspections as necessary.
• Assist in the development and implementation of corrective actions and preventive measures to address security audit findings.
• Conduct follow-up audits to verify that remediation actions have been completed and are effective.

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Relevant cybersecurity certifications such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or equivalent.
• Proven experience (3+ years) in cybersecurity auditing or related security assessment roles.
• Strong understanding of cybersecurity frameworks, standards, and regulations (e.g., NIST SP 800-53, ISO
• Knowledge of common security threats, vulnerabilities, and mitigation strategies.
• Excellent written and verbal communication skills, with the ability to communicate complex technical information to non-technical stakeholders.

Preferred Qualifications:

• Master's degree in Cybersecurity, Information Assurance, or a related field.
• Experience with risk management frameworks (e.g., NIST SP 800-53, ISO
• Knowledge of industry-specific regulations (e.g., NIS2, SOX, GDPR)
• Experience with IT governance, compliance, and audit software tools.

Personal Attributes:

• Strong ethical standards and integrity.
• Ability to work independently and collaboratively in a team environment.
• Highly organized with strong attention to detail.
• Ability to manage multiple priorities in a fast-paced environment.
• Proactive in identifying and resolving security issues.

At Stellantis, we assess candidates based on qualifications, merit and business needs. We welcome applications from people of all gender identities, age, ethnicity, nationality, religion, sexual orientation and disability. Diverse teams will allow us to better meet the evolving needs of our customers and care for our future.