IT Auditor

The IT Auditor exercises independent judgment in matters of significance, including documenting, assessing, and rigorously testing IT controls. This role is crucial for ensuring meticulous compliance with Internal Audit methodologies, bank policies, procedures, and regulatory requirements. Key responsibilities include vigilant monitoring of open issues, conducting validation testing, performing continuous auditing, and engaging proactively with evolving industry developments, emerging risks, and regulatory expectations. The IT Auditor also supports the Director by handling adhoc requests, such as responding to regulatory inquiries and preparing essential information for diverse board reports and management presentations.

Principal Duties & Responsibilities:

• Independently administer and perform audits according to the Audit Plan approved by the Audit Committee. Take initiative in planning audits, assessing risks, and executing fieldwork in adherence to generally accepted auditing standards.
• Exercise discretion in evaluating the adequacy of internal controls, preparing comprehensive working papers, and documenting processes and conclusions critical to bank operations.
• Develop and deliver clear and concise Audit Reports detailing findings and recommendations for Senior Management. Prepare and present these reports to the Audit Committee of the board of directors, demonstrating independent judgment and analysis.
• Communicate audit findings and recommendations autonomously with senior management, stakeholders, and regulatory bodies. Independently discuss Corrective Action Plans with appropriate bank management during audit fieldwork.
• Make independent assessments of management responses to ensure adequate corrective action and follow up on reported findings, documenting results without requiring additional oversight.
• Lead IT and project audits of varying complexity and risk with minimal supervision. Update business area risk assessments annually with a focus on risk-based analysis.
• Serve as the primary audit liaison for assigned departments, independently collaborating with management and staff to develop a thorough understanding of functional areas.
• Develop and implement training for new personnel and ongoing staff development based on independent judgment and experience.
• Consult with the Director of IT Audit on interviewing potential employees and preparing performance appraisals, exercising discretion in evaluating talent and performance.
• Independently review audit procedures and internal control questionnaires to address operational and regulatory changes. Contribute innovative ideas to enhance audit efficiency and effectiveness.
• Utilize data analytics tools and techniques to independently enhance testing coverage and ensure high-quality audit outcomes.
• Collaborate with bank examiners and external auditors during their examinations and audits, independently managing interactions and providing required information.
• Specialize in areas requiring deep knowledge, such as IT regulatory compliance and security. Provide analysis, interpretation, status updates, and advice to the audit director, using independent judgment to inform decisions.
• Demonstrate detailed knowledge of IT operations, concepts, risk assessment practices, internal control systems, and General IT Controls, applying this expertise independently to audit tasks.

Qualifications:

• 2-4 years of experience in IT auditing, internal auditing, external auditing of financial institutions or regulatory examination with thorough knowledge of practices, principles, and interrelationships of banking functions. Required
• Knowledge of financial services industry preferred.
• Strong information technology foundation including infrastructure and cyber security risk, with an ability to identify risks and controls in regards to various IT related areas (e.g. security, operations, change management, etc.).
• Understanding and knowledge of Active directory, Windows OS, Oracle and SQL databases.
• Understanding of network infrastructure devices and capabilities including routers, firewalls, intrusion detection/prevention systems and wireless technology.
• Comprehension of IT general controls, application controls, and business process reviews.
• Experience with core banking platforms highly preferred.
• Requires skills in fact-finding, analysis, problem solving and decision-making.
• Detailed oriented with excellent project management, organizing and planning skills.
• Expert PC skills including but not limited to Excel, Word, Power Point, Adobe, and Outlook.
• Experience with COBIT, COSO and exposure to NIST SP 800-53 a plus.
• ACL, Tableau or SQL experience preferred.

Education:

• Bachelor's Degree in Computer Science, Information Systems, Information Technology, or related field.
• Master's Degree in Computer Science, Information Systems, Information Technology, or related field.
• Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), or other relevant audit certification/designation a plus.