IT Audit Manager

IT Audit Manager

The role requires a breadth of knowledge regarding the IT/IS landscape. The IT Audit Manager should have the ability to participate in the audit planning and risk rating processes, prepare all audit work paper sections, discuss audit findings with the business units, and prepare draft audit reports.

Providing value to our internal clients is paramount, therefore establishing a rapport with management and staff of business units and building relationships with various corporate departments throughout the enterprise is a critical function for this role. It is important this position can interact with all levels of staff and leadership within the Company, and continuously contribute to the strategy of developing, sustaining, and enhancing the image and perceived value of the Internal Audit.
Principal Accountabilities:

• Understand technology related risks and assess company IT general controls (system access and security, logical access, SDLC/change management, ) and application controls embedded in automated processes.
• Assist the Director, Internal Audit in developing a risk-based and long-term IT audit strategy, including an annual IT audit plan
• Survey the function or activities to be audited and prepare detailed audit programs for use in performing the audit, including both tests of controls and substantive testing to assess and/or evaluate IT systems and the mitigation of IT-related business
• Perform and document tests in accordance with department procedure and professional standards, and communicate results to the Director, Internal Audit and business units
• Develop and maintain effective interpersonal relationship with staff and management
• Provide consultation services to management on issues related to IT risk, as needed or directed
• Partner with Internal Audit staff on the design and execution of data analytics, including use of ACL or advanced Excel techniques
• Support the department by developing strategies to improve internal controls and minimize risk, while keeping audit management informed of the status of audits in progress, communicating obstacles or significant audit findings as they
• Periodic audit support as needed on operational, financial or compliance audits, which may include use of audit techniques that are not strictly IT-focused
• Constructively work with business operations to identify areas for improvement, while collectively agreeing on appropriate corrective actions, facilitating remediation efforts, and monitoring progress to ensure that business units and corporate departments are timely in addressing control weaknesses and process
• Assist with activities related to FDICIA certification and external audit direct assist including risk assessment, scoping, control documentation and updates, testing of operating effectiveness, education, and
• Oversee and manage external IT audit related resources when required
• Train less experienced staff when assigned
• Assist Internal Audit on the design and execution of continuous audit methodology and reporting of results
• Aid as needed on special projects and assignments
• Supervises others, including interviewing, hiring, coaching, scheduling, counseling, motivating, training, preparing, and delivering performance evaluations, preparing, and delivering discipline, and terminating, when appropriate. Will typically supervise a staff of approximately 1-2 associates. Conducts regular meetings and provides frequent feedback to associates to develop them and provide a career path for all associates whose performance supports promotion.
• Ensure work premises constitutes a safe work environment that promotes positive company image, including regular inspection for and remediation of any hazardous conditions; regular maintenance and cleaning of premises; adherence to all posting requirements in jurisdiction, including human resources and compliance postings; and provision of comfortable and appropriate space for associates to conduct business
• Understands, embodies, communicates, and instills corporate initiatives and vision, including the six Pillars of Success
• Maintains client information in complete confidence
• Completes other specified duties as assigned.
• Regular attendance required, working at the assigned worksite, or assigned remote location during regular business hours and/or assigned hours
  

Position Requirements
Minimum Qualifications:

• A bachelor s degree in accounting, Finance, IT, IS or related
• A minimum of 4 years experience in corporate audit or external audit consulting specific to IT auditing with a demonstrated history of accomplishments, leadership, teamwork, and client service
• Exposure to sophisticated information system audit techniques, including an understanding of logical and physical access, change management, network security and technology, infrastructure, software development, project management, and business recovery practices.
• Ability to independently review IT general controls, application controls and IT governance, as well as financial controls, going beyond the pure execution of audit program steps, and to provide recommendations to maintain a sound control environment.
• Proficient interviewing
• Data analysis skills including use of ACL, SQL, Advanced Excel, Access, or other data-mining
• Demonstrated critical thinking and analytical skills
• Knowledge of CoBIT and ITIL Frameworks, the COSO Framework, Sarbanes-Oxley Section 404 or FDICIA compliance requirements, and NIST information security standards
• Exceptional verbal and written communication
• Ability to deal with highly complex and/or sensitive issues which require substantial analysis or independent judgment and where no existing policies or precedents apply
• Demonstrated organizational skills, including the ability to successfully manage multiple projects simultaneously.
• Ability to work independently while contributing to the success of the team
• Self-motivated to effectively manage time, handle multiple priorities, ensure tight deadlines are met, and capability to maintain composure under pressure

Preferred:

• Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or other certification specific to internal audit or technology such as a Certified Network Engineer or Certified Security Professional
• A minimum of 5-7 years experience in corporate audit or external audit consulting specific to IT auditing with a demonstrated history of accomplishments, leadership, teamwork, and client service skills Advanced degree in a related field
• Understanding of general compliance requirements related to IT, including FFIEC requirements.
• Advanced data mining and analysis capabilities
• Merger and acquisition experience including due diligence and system integration
• Experience with system implementations, including testing and control design consultation
• Previous experience in the financial services industry