This job is no longer available

IT Audit Manager - Applications & Infrastructure, AVP

Recruiter: State Street
Location: London, UK
Salary: Not disclosed
Posted: 21 Jun 2021
Closes: 21 Jul 2021
Ref: R-666231
Approved employers: Approved employer
Job role: Accountant, Audit, Compliance/risk
Sector: Accounting - Public practice, Banking and financial services, Digital
Contract type: Permanent
Hours: Full time
Experience level: Manager

State Street’s Corporate Audit Division

At State Street, our people are our most valuable — and valued — resource. We know that smart, skilled, productive employees are essential to our company’s continued success. As a leading provider of financial services, with operations in 26 countries and more than 29,000 employees worldwide, we work hard to provide an environment where every employee feels engaged, valued, and well-equipped to reach their full potential.

State Street’s Corporate Audit Division carefully recruits staff with a combination of backgrounds, including prior audit experience in internal and external audit practices, information technology or specialized areas such as regulatory compliance, securities trading and operations. As a member of State Street Corporation’s Audit Division, you will be part of a team where collaboration is encouraged, excellence is rewarded, and diversity is valued. We offer flexible schedules, continuous training, global exposure and multiple opportunities for personal and professional growth.

Our team of 300 professionals is responsible for providing independent, objective assurance and advisory services designed to add value, minimize risk and improve the overall control environment of State Street Corporation and its subsidiaries. Our auditors interact and communicate regularly with executive management and have tremendous insight into all parts of the company’s daily operations. Our audit team acts as:

Independent advisors—advising management on risks related to strategic initiatives and process and systemic changes;
Subject matter and controls experts—providing knowledge and experience in key risk areas;
Efficiency specialists—identifying inefficiencies in risk management and control design;
Problem-solving partners—looking ahead to help management envision future risks and opportunities.

IT Audit Manager primary responsibilities

As a key member of the team, you will:

Work as part of an international team with global stakeholders in new and changing situations where there may not always be a readily apparent solution.
Manage the planning, assessment, testing and reporting phases of audits covering IT governance, systems infrastructure, information security, application controls, and operational activities.
Perform independent and objective assessments of risks and controls to improve risk management practices.
Assess systems and supporting controls for compliance with laws, regulations, company policies and meet business needs.
Recommend control improvements to mitigate key risks.
Influence change and provide insights on business initiatives, including system implementations.
Prepare or review audit workpapers to ensure compliance with the division’s risk-based audit methodology.
Supervise, coach and develop staff, helping to build technology audit skills across the Corporate Audit division.
Use your excellent writing skills to succinctly communicate complicated technical issues in business terms.
Prepare audit reports and present key findings to senior level management.

Qualifications

University degree in information systems, computer science, accounting or related field; Advanced degree in information technology, cyber security or systems engineering preferred.
Experience leading and supervising project teams, preferably in an audit or assurance capacity within the financial services industry.
Proficient or knowledgeable in evaluating and testing internal controls and in applying a risk-based audit approach.
Expertise in or experience auditing certain technology-related areas such as:

Enterprise security controls frameworks

Enterprise application development models (i.e., waterfall, rapid prototyping, agile, etc.,)

Perimeter/Internal Security Technologies (Firewalls, Intrusion Detection and Prevention Systems)

Data Loss Prevention technologies and support processes

Network Segmentation and Separation Solutions

Identity and Access Management/Privileged Access Management/Adaptive Authentication Solutions

Platform and Configuration Hardening Practices

Threat Intelligence and Insider Threat Detection

Vulnerability Scanning and Penetration Testing

Security Incident and Event Management (SIEM) Technologies

Cyber Incident and response

Public Cloud Security

Financial services operational processes and technology

Automated business process controls

Data protection (GDPR)

Resiliency and Business Continuity Management

Ability to manage complexity, to effectively prioritize multiple tasks and work independently in non-routine situations.
Professional curiosity and willingness to learn new technologies and processes
Strong analytical, interpersonal, organizational, research, and communication (verbal and written) skills
One or more industry recognized certification (i.e., CISA, CISSP, CISM, and Cloud+) and the willingness to continue to learn and grow.
Willingness to travel up to 20% annually, mostly in Europe

For further information, and to apply, please visit our website via the “Apply” button below.