IT Audit Manager

Full Time
$100,000 - $150,000
Work from home not available
Travel not required

Job Description

IT Audit Manager 11624
McLean, VA
$140-150K +Bonus

As an IT Audit Manager (SME-IT), your work falls into three categories:

Audit/Project Execution

  • Work with audit teams to provide input to and challenge the scope of cyber risk related work.
  • Help audit teams identify appropriate review and testing procedures to effectively test whether cyber risk related controls are in place.
  • Lead discovery and walk-through meetings with the Information Technology and Information Security teams to understand and evaluate cyber risk related controls in the Company’s IT environment.
  • Provide input to and/or perform cyber risk-based assessments of shared infrastructure and / or business owned applications.
  • Based on the work performed, identify strategic, business focused issues related to cyber risk.
  • Build strong relationships with leaders across the First and Second Lines of Defense to enable strong collaboration, while maintaining Internal Audit’s independence.
  • May be tasked with leading, or participating in, specific risk assessment initiatives, firm-wide process change initiatives, conducting special investigations, or performing ongoing monitoring.
  • Perform and document work in accordance with Internal Audit standards.

Conduct Research and Provide Training

  • Maintain and grow technical knowledge through ongoing research and review of industry publications.
  • Monitor external trends and perform research to provide consultative advice to audit, business and IT management on current or emerging cyber security risk, control and governance matters.
  • Conduct internal training sessions to help other audit teams understand cyber risk and information technology concepts.

People Management

  • Be the manager of choice and role model for your team
  • Regularly evaluate employees and offer candid feedback
  • Help team members develop and achieve professional goals
  • Participate in the recruiting process


  • Minimum of 8 years working experience. Experience must include a minimum of:

     o 4 years working in IT operations or IT security areas such as application security, penetration testing, forensics, threat management, security engineering, system security assessments, and/or public cloud environments.

     o 2 years working experience with common standards such as ISO 27001, ISO 20000, NIST 800-53, OWASP, and/or ITIL

  • Bachelor’s degree in Cyber Security, Cyber Risk, Management Information Systems, Computer Science, Engineering, or Math
  • CISA or willingness to obtain CISA within 12 months
  • Demonstrated expertise in cyber security
  • In-depth knowledge and experience evaluating against cyber security industry standards such as NIST or ISO
  • Must work well in a highly collaborative and team-oriented environment
  • Must work creatively and analytically in a problem-solving environment
  • Must demonstrate effective verbal and written communication and interpersonal skills

Keys to Success in this Role:

  • A mindset that embraces innovation and is not afraid of failure
  • Highly collaborative
  • Ability to explain technical concepts to non-technical people
  • A drive to continuously learn and develop

Top 3 Personal Competencies:

  • Drive for Execution: Be accountable for strong individual and team performance
  • Customer Focus: Personally engage with customers to learn their needs
  • Seek and Embrace Change: Continuously improve work processes rather than accepting the status quo

Preferred Skills:

  • Experience in conducting Information Security audits
  • Project Management experience
  • Certified Ethical Hacker (CEH)
  • Certified Information Security Manager (CISM)
  • Computing Technology Industry Association (CompTIA)
  • Certified Information Systems Security Professional (CISSP)

Posted By

Anthony Honquest

Naperville, IL, 60563

Dice Id : napil006
Position Id : 11624