Business Aligned IT Audit Manager
The IT Audit Manager will be part of Corporate Audit’s Business Aligned IT Audit team, which is responsible for engagements that focus on business risk and related application technology. Team members work with business auditors to understand business risks and related application controls such as interface controls, logical access controls, and input/processing/output controls. The main objective of an integrated audit is to provide management with independent, objective assurance regarding the design and operating effectiveness of the system of internal controls to mitigate both business and IT-related risks. The audit follows a collaborative approach, with business and IT team audit members jointly conducting the majority of internal and client-facing planning, control assessment, testing, and reporting activities.
The IT Audit Manager will also lead the audit execution for IT horizontal and pre/post system implementation audits. The IT Audit Manager will assess the audit scope for IT coverage, manage assessment procedures and test application controls for business audits utilizing a risk-based audit approach. The application controls subject to testing will be determined during the assessments phase of the audit and will most likely include: electronic authorizations; application parameters, settings, edit checks, scripts, and mappings; application access to sensitive application transactions and shared directories; system interfaces; and management, edit, and exception reports.
The IT Audit Manager manages day-to-day activities for audit projects and ensures that audits are completed in compliance with the Corporate Audit Department and Institute of Internal Auditor standards. The candidate requires good analytical, interpersonal, time management, project management, research and communications skills. She/he must be able to effectively work with new and changing situations, including new industry regulations, where there may not always be a readily apparent solution.
- Bachelor’s degree in Computer Science, Information Security, Information Systems, Civil Engineering, Accounting, or a related field, or its equivalent;
- 5+ years of experience with IT and Operations auditing, risk management, or IT compliance.
- Proven knowledge of Information security, system development lifecycle, IT project management and end-user computing;
- Demonstrated experience testing IT general controls and application controls.
- Ability to think strategically and multi-task in a fast-paced environment
- Experience in a number of the following: technology consulting, system auditing, privacy, cyber-security, Public and Private Cloud, software development, financial processes and systems, large project systems integration, risk management, and data analytics.
- Demonstrated knowledge of Institute of Internal Auditors, Corporate Audit Division standards, NIST, COSO, COBIT, ITIL, ISO 27001, Sarbanes-Oxley and SOC 1 / SSAE 16 standards and laws and regulations applicable to the assigned area of responsibility
- Audit experience in public accounting or internal audit, focusing on financial service or other regulated industries
- Excellent analytical, written communication, interpersonal, organizational and presentation skills
- Industry recognized certification CISA, CISSP, CISM
For further information, and to apply, please visit our website via the “Apply” button below.