IT Lead Auditor (Integrated Audit)

THIS ROLE WILL BE HYBRID 3 DAYS/WEEK OUT OF WILMINGTON, DE. MUST BE LOCAL OR WILLING TO RELOCATE

Overview:

• This individual contributor position is responsible for providing senior level expertise in the provisioning of assurance services specific to the technologies enabling the assigned business domain(s).

Primary Responsibilities:

• Plan, coordinate, and maintain full ownership over execution of audit examinations and validation procedures specific to the technologies supporting the assigned business domain(s). These audits will be conducted for the most part in collaboration with the Financial/Operational audit team in an "integrated" fashion, however there may be reviews conducted independently that target specific technology infrastructure, platforms or solutions in the environment;
• Participate in various capacities on certain programs/projects established by management to iterate on delivery of technology solutions to the client base. This "project audit" work assesses whether management is designing appropriate controls within the solutions being developed while considering all potential IT risks the solutions expose the business to;
• Execute risk analysis over emerging technologies being considered or used by management in support of the businesses;
• Responsible for becoming intimately familiar with the organizational structure in place that supports both strategic and tactical management of the technology environment supporting the assigned business domain(s). Responsible for understanding the IT risks impacting this environment, and keeping up to speed on emerging tech impacting the environment;
• Responsible for actively working with the Cybersecurity Audit team to ensure appropriate cybersecurity risks are accounted for within the scope of the audits performed;
• Responsible for establishing relationships with the Enterprise Architecture Solution Architect and Technology Support Lead responsible for the technology supporting the assigned business domain(s) to assist in maintaining an understanding of ongoing tech initiatives and strategic direction of the technology supporting the business;
• Independently document and communicate recommendations to Bank Management in order to improve internal controls and reduce risk to the organization;
• Supervise other IT Audit staff as needed, per audit engagement; and
• Maintain ongoing communication with the 1st and 2nd line Technology Risk Management/Oversight organizations to align assurance activities, share risk information, and establish ongoing reliance approaches (as applicable).

Scope of Responsibilities:

• This position leads and executes assurance activities, maintains relationships, and communicates with Bank management, and oversees Auditors. The position ensures activities are in conformance with professional auditing standards. The jobholder reports to an Audit (Senior) Manager.

Supervisory/Managerial Responsibilities:

Education and Experience Required:

• Bachelor's degree and a minimum of 5 years' relevant work experience, or in lieu of a degree, a combined minimum of 9 years' higher education and/or work experience, including a minimum of 5 years' relevant work experience
• Minimum of 1 year's leadership experience
• Experience with internal audit methodology
• Solid understanding of internal control concepts
• Experience evaluating adequacy of the controls
• Strong leadership skills
• Experience coaching and developing others
• Proven analytical skills
• Proven critical thinking skills
• Excellent verbal and written communication skills
• Experience presenting sensitive and complex findings to business management and influencing change
• Proven ability to handle multiple projects at the same time

Education and Experience Preferred:

• Bachelor's degree in Accounting, Business, Finance, Technology, Cybersecurity, Mathematics, Statistics, or related technical field
• MBA or Master's Degree in an appropriate field
• Related certifications (CIA, CPA, CISA, CAMS, cloud certification, or similar)
• Financial services industry experience
• Strong experience in application auditing (preferably in the banking/financial services sector, inclusive of being able to assess the end to end technology architecture supporting a given business)
• A proven aptitude to understand the business being enabled by the technologies under audit
• Working knowledge of technologies supporting digital business capabilities
• Working knowledge of cloud computing risks and related controls frameworks
• Understanding of cybersecurity concepts and an ability to assess the inherent cybersecurity risks of technologies supporting the business
• Working knowledge of modern delivery practices and supporting tech (agile, DevOps tools, container platforms, etc.)
• Certification such as CISSP, CCSP, CISA as well as other technical vendor certifications is a definite asset;
• Understanding of regulatory requirements as they relate to technology and security in the financial services industry;
• Excellent verbal and written communication skills. Ability to convey complex conceptual information/ideas on issues requiring extensive interpretation and opinion. Experience in applying appropriate discretion when dealing with sensitive issues and conveying technical concepts in an easy to understand manner;
• Proven ability in managing multiple bodies of work simultaneously under tight deadlines;
• Proven leadership skills, with the ability to develop and motivate;
• Strong organizational and resource management skills

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $93,614.36 - $156,023.93 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.

Location
Wilmington, Delaware, United States of America