IT Infrastructure and Information Security Audit Manager

Corporate Title: Executive Director

Department: Internal Audit

Location: New York

The base pay range for this position at commencement of employment is expected to be between $240K and $270K/year*

Company overview

Nomura is a global financial services group with an integrated network spanning over 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Retail, Wholesale (Global Markets and Investment Banking), and Investment Management. Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit .

Aon's Benefit Index , Nomura's benefits rank #1 amongst our competitors

Department overview :

The Internal Audit department is a key part of the firm's corporate governance, and the department's primary objectives are to review the company's control environment and report any weaknesses identified to the Audit Committee and senior management.

The department in the US comprises over 35 professionals, split across Business, Risk, Legal & Compliance and IT audit teams reporting functionally to the Global Portfolio Directors of each division and to the Regional Head of Internal Audit for the Americas.

Role description:

The Internal Audit (IA) department covers technology risk through the audit of technology functions and through technology audit procedures integrated in all audits.

There is a vacancy for a Technology Executive Director to lead global audit work for Technology functions, in particular Infrastructure and Information Security. The successful candidate will report to the global Technology Portfolio Director (TPD).

The role's responsibilities are:

• Leading global audits. Including performance of audit planning, fieldwork and reporting. This involves leading the global team assigned to the audit, delivery of the audit within the planned timelines, ensuring all audit work is executed and documented in accordance with our audit methodology.
• Risk Assessments. This involves interaction with technology stakeholders, review of relevant metrics as well as other internal and external material. You would also be expected to provide input into the audit plan covering the IT Infrastructure and Security portfolio.
• Continuous Monitoring. Including interaction with key technology stakeholders, review of metrics as well as other relevant internal and external material, evaluation of changes to the risk profile.
• Issue Tracking. Including determining the audit procedures required to validate the closure of audit issues.
• Data Analytics. Use of data analytics techniques on audit engagements where relevant and supporting audit colleagues to utilise data analytics to improve and enhance the audit approach.
• Continuous Learning. Study public material or attend courses to remain abreast of changes in cyber security, information security, infrastructure technology, financial services industry, regulatory changes, and audit practices

Skills, experience, qualifications and knowledge required:

• Minimum of 10 years working experience, this should include working within IT Internal/External Audit or Second line IT functions within financial services industry.
• Strong knowledge of IT security, including both technical and business controls.
• Relationship management: Ability to develop and maintain strong relationships with subject matter experts and IT leaders across the organisation. Work collaboratively with other Internal Audit stakeholders.
• Strong time and project management skills, consistently delivering to deadlines (budget and time).
• Very good knowledge of leading IT Infrastructure and Information Security reviews such as: Operating Systems and Databases, Messaging infrastructure, Databases, Cloud infrastructure, IT Networks, Vulnerability Management, Security Operations Centre and Data Security.
• Experience in assessing controls based on COBIT or other leading technology risk management and governance control framework.
• Experience in assessing controls based on NIST, SANS, ISO27000 or other leading cyber security framework.
• Very good presentation and report writing skills. Producing draft reports that require minimal changes.
• Qualifications: University degree in a technology related discipline and CISSP/CISA/CISM or equivalent certifications are required. Other relevant qualifications will be beneficial but not required.

Nomura Leadership Behaviors

Explore Insights & Vision

• Identify the underlying causes of problems faced by you or your team and define a clear vision and direction for the future.

Making Strategic Decisions

• Evaluate all the options for resolving the problems and effectively prioritize actions or recommendations.

Inspire Entrepreneurship in People

• Inspire team members through effective communication of ideas and motivate them to actively enhance productivity.

Elevate Organizational Capability

• Engage proactively in professional development and enhance team productivity through the promotion of knowledge sharing.

Inclusion

• Foster a culture of inclusion and psychological safety in the workplace and cultivate a "Risk Culture" (Challenge, Escalate and Respect).

*base pay offered may vary depending on multiple individualized factors, including market location, corporate and functional title and duties, job-related knowledge and advanced degrees, skills, and experience. The total compensation package for this position may also include other elements, including a sign-on bonus, restricted stock units, and discretionary awards in addition to a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as vacation, sick time, and parental leave), dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment.

If hired, employee will be in an at-will position" and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors".

Nomura is an Equal Opportunity Employer

Nearest Major Market: Manhattan
Nearest Secondary Market: New York City