Manager II, IT Audit Services

The Manager II, IT Audit is responsible for the execution of audit engagements, which includes planning, developing the project’s scope, maintaining the budget and timeframes of the project to meet audit requirements, and ensuring department Standards are properly met. The role is a direct report to the Senior Audit Manager for Cybersecurity and is responsible for their assigned staff's performance management process and recruiting and retention of staff for the audit team. The Manager II, IT Audit provides input to improve operational efficiency and/or to enhance the design or operating effectiveness of the internal control environment. The role provides technical expertise, with a focus on cybersecurity, and performs supervisor related work including training new employees or those with lesser experience, reviewing work of others, and providing regular feedback and coaching to employees. The role is an integral part of the global technology team, responsible for interacting with Regulators, local and global Senior and Executive management, leveraging technical expertise to evaluate risk areas and ensuring that resources are properly aligned to audit these areas. These areas also include a focus on cybersecurity both from a business and technology aspect, and the further expansion of the cyber liaison program with the business audit teams.

Major Duties:

1. Coordinates and collaborates with the global technology audit team on the identification of risks and execution of audits part of the audit plan.
2. Functions in various roles on audit engagements, including leading audits, staffing audits and providing consulting or oversight functions based on the needs of the team
3. Manages internal audit projects related to Information Technology General Controls (ITGC), information security/cyber, business application, and integrated business audits
4. Provides technical expertise to the IT Audit Team and uses sound audit practices
5. Maintains familiarization and technical expertise with the assigned business unit(s) including organizational structure, personnel, activities and products, new product development, financial performance and risk and problem areas
6. Responsible for staying current on regulatory rules and changes within the industry
7. Interacts and partners with Senior and Executive Management to understand the risks within the business, business changes and other significant events that could significantly affect the business and/or the audit plan
8. Participates in targeted senior-level committees and client meetings, along with presenting to the corporate Audit and Business Risk Committees as well as the local/regional Audit Committee, Oversight Committee, Legal Entity Boards and Risk Committees
9. Communicates with Regulators, external auditors, and various regional risk committees within the Corporation as part of ongoing continuous monitoring which assists in managing the Audit Plan
10. Manages and performs special projects as assigned
11. Participates in meetings with business unit to discuss audit results
12. Communicates with partners at all levels, developing and presenting recommendations on operations and controls for the business unit
13. During audit engagements, assigns work to auditors, sets priorities and monitors activity
14. Conducts the performance management process for direct reports. Oversees the performance management process and ensures identification of training and development needs for the respective team members
15. Utilizes understanding of various Corporate units to ensure operations, services, and systems have proper audit controls in place (i.e., design of the control environment)
16. Reviews audit work including work paper documentation, findings and recommendations and the final report to ensure appropriate adherence to the Corporation’s/Department’s Policies and Standards and ensuring work is performed within established timeframes
17. Evaluates corporate management, business processes, business controls and operating practices during audits and consulting/monitoring engagements
18. Applies analytical skills to review information and determine potential control weaknesses.

Requirements:

• Knowledge of auditing in the financial services industry and basic accounting principles and related work experience
• Solid understanding of ITGC and related processes (e.g., Configuration Management, Vendor Management)
• Understanding of Information Technology Service Management (ITSM) controls (e.g., Incident Management, Problem Management)
• Skills as needed to perform testing of application controls (e.g., Application Security Testing, Interface Controls)
• Skills as needed to perform testing of information security and cybersecurity controls (e.g., Penetration Testing, Security Information and Event Monitoring, Data Security)
• Knowledge of risks related to newer technologies (e.g., Infrastructure as Code, Cloud Access Management, Kubernetes, Containers, CI/CD)
• Knowledge of financial industry standards and frameworks (e.g., NIST CSF, FFIEC, GDPR)
• Knowledge of cloud environments and related technologies (e.g., Microsoft Azure, Amazon Web Services, Google Cloud)
• Professional certifications (e.g., CISA, CISSP, CCSP)
• Strong analytical, leadership, and organizational skills are needed
• Strong report writing and work paper documentation skills
• A College or University degree and/or entry level auditing experience in a financial institution is preferred.
• Adept auditing and/or systems experience in a financial institution, or similar public accounting experience in the financial services industry.

About Northern Trust:

Northern Trust provides innovative financial services and guidance to corporations, institutions and affluent families and individuals globally. With over 130 years of financial experience and nearly 20,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Working with Us:

As a Northern Trust partner, you will be part of a flexible and collaborative work culture, which has a strong history of financial strength and stability. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company that is committed to strengthening the communities we serve!

We recognize the value of inclusion and diversity in culture, in thought, and in experience, which is why we are honored to receive the following awards in 2021:

• Gender Equality Index Member, Bloomberg
• Top Financial & Banking Company, Black EOE Journal, Hispanic Network Magazine, Professional WOMAN'S Magazine

We’d love to learn more about how your interests and experience could be a fit with one of America’s best banks and most sustainable companies! Build your career with us and apply today.

For further information, and to apply, please visit our website via the “Apply” button below.