Technology Integrated Audit, AVP
The IT Audit Manager will be part of Corporate Audit’s Integrated Audit team, which is responsible for engagements that focus on business risk and related application technology. Team members work with business auditors to understand business risks and related application controls such as interface controls, logical access controls, and input/processing/output controls. The main objective of an integrated audit is to provide management with independent, objective assurance regarding the design and operating effectiveness of the system of internal controls to mitigate both business and IT-related risks. The audit follows a collaborative approach, with business and IT team audit members jointly conducting the majority of internal and client-facing planning, control assessment, testing, and reporting activities.
The IT Audit Manager is responsible for providing advisory services to management through application pre-implementation reviews that identify IT-related risks in new business applications while they are being developed or undergoing major changes. The IT Audit Manager will lead the audit execution for IT horizontal audits. The IT Audit Manager will assess the audit scope for IT coverage, manage assessment procedures and test application controls for business audits utilizing a risk-based audit approach. The application controls subject to testing will be determined during the risk and controls assessment phase of the audit and will most likely include: electronic authorizations; application parameters, settings, edit checks, scripts, and mappings; application access to sensitive application transactions and shared directories; system interfaces; and management, edit, and exception reports.
The IT Audit Manager manages day-to-day activities for audit projects and ensures that audits are completed in compliance with the Corporate Audit Department and Institute of Internal Auditor standards. The candidate requires good analytical, interpersonal, time management, project management, research and communications skills. She /he must be able to effectively work with new and changing situations, including new industry regulations, where there may not always be a readily apparent solution.
- Bachelor’s degree in Computer Science, Information Security, Information Systems, Civil Engineering, Accounting, or a related field, or its equivalent;
- 5+ years of experience with IT and Operations auditing, risk management, or IT compliance.
- Proven knowledge of Information security, system development lifecycle, IT project management and end-user computing;
- Demonstrated experience testing IT general controls and application controls including electronic authorizations, application parameters, settings and/or scripts, and access to sensitive application transactions and data interfaces;
- Ability to think strategically and multi-task in a fast-paced environment
- Experience in a number of the following: technology consulting, system auditing, privacy, cyber-security, Public and Private Cloud, software development, financial processes and systems, large project systems integration, risk management, or data analytics.
- Demonstrated knowledge of Institute of Internal Auditors, Corporate Audit Division standards, NIST, COSO, COBIT, ITIL, ISO 27001, Sarbanes-Oxley and SOC 1 / SSAE 16 standards and laws and regulations applicable to the assigned area of responsibility
- Audit experience in public accounting or internal audit, focusing on Financial Services – asset management, capital markets, alternative investments, custody, etc.
- Excellent analytical, written communication, interpersonal, organizational and presentation skills
- Industry recognized certification CISA, CISSP, CISM
For further information, and to apply, please visit our website via the “Apply” button below.