IT Audit Manager

First Commonwealth Bank
Indiana, Pennsylvania, United States
Competitive salary
16 Sep 2020
17 Sep 2020
Job role
Experience level
The IT Auditor Manager position is a full-time position for individuals who have graduated college or have equivalent experience in auditing, technology, or banking.

Essential Job Responsibilities

1.Auditing: Accomplished at performing standard Information Technology audits and various advanced IT business process areas. Has developed expertise in multiple business processes related to Mainframe, Network, or Browser based operations and systems. Ensures that IT Audit reviews information system processes based on the audit plan and conforms with generally accepted audit standards, bank policy, regulatory requirements (including SOX), and risk of operation. Has performed General Control, Application Control, IT Management Services, and Governance reviews and has significant experience with testing of controls.

2.Technology: Has wide-ranging knowledge and experience with Information Technology systems. Maintains Information Technology skills as directed (Reading Material, Study Material, System Manuals, Etc...). Has performed IT Governance related assessments and assurance reviews.

3.Programming: Has programmed (written code) in at least one language. Has developed automated audit routines and knows how to interrogate FCFC electronic information. Is familiar with applications and their file structures.

4.Support: Works with the Director of Internal Audit and Loan Review, Operational Audit Management, and Loan Review Management to ensure appropriate coverage of the audit plan and directives of the Audit Committee. Ensures that IT Audit practices are appropriately integrated with all function under the oversight of the Chief Audit Executive.

5.Banking: Has a wide-ranging understanding of bank processes and can communicate with Senior and Executive Bank Management on all Bank Business technical services, systems, products, and processes. Has significant experience with reviewing business processes. Is aware of management frameworks (e.g. ITIL), best practices and industry/professional guidelines related to business processes. Understands COSO, SOX, and other significant control related regulations as it pertains to management internal control responsibilities.

6.Accounting/Finance: Has sound understanding of accounting principles and the processes related to financial reporting.

7.Risk: Understands and recognizes IT and non-IT Operations risks for key business processes. Understands extensive risk assessment concepts. Understands the role of Risk Navigator. Has assisted auditors and management in the development process for maintaining walk throughs of business processes highlighting risks and controls. Is familiar with Management's Assertion process. Performs risk assessments for audit related purposes.

8.Controls: Understands General and Application Controls regardless of process. Has thorough knowledge of Pervasive and Entity level Controls as well as Preventative, Corrective, and Detective controls. Understands and recommends control concepts to management as it relates to IT business processes and risks for all stages of the business process life cycle. Is aware of frameworks (e.g. COBIT), best practices and industry/professional guidelines related to controls. Has developed and assessed IT Control Maturity Models based on the COBIT standard.

9.Regulatory: Understands regulatory requirements for business processes regardless of process. Has become thoroughly familiar with Regulatory Guidelines for key processes.

10.Audit Objectives: Assists the CAE, the Director of Internal Audit, and the other Audit Managers in maintaining Audit Procedures (Internal Audit Activities Manual) as it relates to IT functions. Oversees IT Audit documentation (e.g. work papers), reports, and planning processes and ensures they support Audit Committee directives, IAAM requirements, regulatory guidelines, SOX standards and other appropriate practices. Informs the Director of Internal Audit and the CAE of audit progress and or difficulties.

11.Training/Enhancements: Acquires appropriate Audit, Technology, and Bank reference material from Resource Houses and maintains them in the audit library. Has acquired professional certification (e.g. Certified Information Systems Auditor). Adheres to the guidelines and targets established within his/her Performance Assessments. Annually establishes specific training plans for staff assigned.

12.Advanced Responsibilities: Oversees IT Audit for all functions (Administration, audits, conversions, new system, confirmations, and special projects) as assigned. Assists with management of IT Audit Senior and Staff positions as directed by the Director of Internal Audit and the CAE. Participates in committees and/or conversions as an Internal Audit Representative under the guidance of the Director of Internal Audit. Performs other assignments as directed by the CAE or Director of Internal Audit. Represent's IT Audit at the Quarter Audit Committee's as directed by the Director of Internal Audit.

13.Supervision: Oversees the complete IT Audit function. Ensures that audits are performed according to IAAM guidelines and that personnel follow internal audit standards, regulations, and appropriate guidelines. Has supervisor responsibility over all IT Audit functions. Ensures that each IT Audit function is planned, scheduled, performed, monitored, reviewed, and that tests and issues are properly reported. Ensures that the audit processes are sufficient to effectively generate audits, audit tests, and reporting that fulfill audit objectives and the audit plan. Monitors time budgets of all IT Audit functions quarterly. Performs management related administrative tasks related to the audit schedule and planning. Assigns audits and special projects to the Assistant Manager or supervisors.

14.Planning: Develops the IT Audit schedule, annual planning, and necessary IT Audit processes. Maintain the IT Audit Universe. Performs annual risk assessments to determine necessary reviews. Documents and communicates plans to the Director of Internal Audit. Summarizes monitoring of plan to Audit Management.

15.Responds to inquiries relating to his/her particular area within given timeframes and within established policy.

16.Complies with regulations and laws relating to the function of the position.

17.Responds to inquiries relating to his/her particular area, or to the requests from customers, other bank personnel, etc., within given time frames and within established policy.

18.Supports the organization's commitment to ongoing quality service enhancement by participating in multi-disciplined guidance and project teams, as appropriate.

19.Abides by current laws and organizational policies and procedures designed and implemented to promote an environment, which is free of harassment and other forms of illegal discriminatory behavior in the workplace.

20.Conducts all business affairs, both personally and as a representative of the organization according to the high ethical and professional standards established by FCFC and the banking affiliate Board of Directors, and according to the approved Conflict of Interest/Business Ethics Policy.

21.Cooperates with, participates in, and supports adherence to all internal policies, procedures, and practices in support of risk management and overall safety and soundness.

22.Cooperates with, participates in, and supports the company's compliance with all regulatory requirements, e.g. Community Reinvestment Act (CRA), Equal Credit Opportunity Act, etc.

23.Assumes responsibility for assisting in his/her professional development; adheres to the guidelines and targets established within his/her Performance Assessments.

24.Coordinates specific work tasks with other personnel within the unit or department as well as with other units and departments in order to insure the smooth and efficient flow of information.

25.Other job-related duties as assigned or directed.

Bona Fide Occupational Qualifications

1.Bachelor's Degree preferably in the field of Information Technology or equivalent experience with information systems audit, control and/or security; A minimum of 10 years' experience in Information Technology auditing.

2.Must have a sound knowledge of information technology, banking, auditing, and generally accepted data processing principles.

3.Strong interpersonal and oral/written communication skills are required.

4.Must demonstrate a proficiency in interpreting, analyzing, and reporting technical information and processes, as well as a sound knowledge of banking laws and regulations. A proficiency in personal computer systems is also required.

5.Must have achieved Certified Information Systems Auditor (CISA) status.

6.Proficient reading, writing, and grammar skills; proficient analytical and mathematical skills; proficient communicative and interpersonal relations skills.

7.Ability to comply with established budgets and operate within budgetary constraints.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)