Serve as a thought leader and subject matter expert in the area of assurance, and specifically IT audit. Provide commentary and relate industry best practices and emerging trends in order to continually improve the organization’s IT capabilities and contribute extensively to the continuous identification, evaluation and remediation of technology-related risks. Individual would be responsible for the management and overall execution of assurance-related activities, which include but are not limited to SOXAudits, IT Compliance Audits, Cybersecurity and Privacy Audits, Vulnerability and Penetration Audits, and Pre/Post-Implementation Reviews. Individual will also be responsible for supporting strategic business initiatives by advocating and enhancing the risk and control environment, and when appropriate, engaging, managing and reviewing the work of outside consultants/advisors. This person will be required to manage the development of analysis, reports, recommendations and insights gained from assurance-related activities and discover meaningful patterns that may be indicative of pervasive technology issues.
Develop strong working relationships and foster effective communications with audited units, internal IT and business areas and internal audit management
Execute the reviews of all work papers, ensure audits are performed within the time budget allotted
Present, discuss and follow-up audit recommendations with Top Management
Assignment of staff, planning supervision and oversight of specific and simultaneous IT audits
Propose new audit techniques and procedures to improve effectiveness/efficiency of audits
Ensure compliance with Laureate’s policies and procedures, applicable laws and regulations, and keep current on compliance-related areas
Evaluate the system of IT internal controls within the departments through the development and refinement of risk assessments
Prepare deliverables/reports for review by the IT Audit Director that include thematic issues, trends and other micro/macro level risks identified through the execution of IT audits and other assurance-related activities
Ongoing assessment and completion of internal audit staff performance appraisals, promotion recommendations and professional development
Manage the periodic QA of IT audits and make suggestions on how to improve consistency as well as our overall approach to delivery
Participation in the overall development and delivery of the annual audit plan.
Continuously educate stakeholders on how audit initiatives and risk management can help them achieve their business goals and influence them to take action based on audit findings.
Serve as an on-going subject matter expert in the area of technology and corresponding new capabilities
Maintain internal audit competency through ongoing professional development
Take responsibility for coaching/mentoring and the continuous development of respective teams
Perform other duties as assigned by either the Chief Risk Officer, Internal Audit Executive Director or the Director of IT Internal Audit
BA/BS degreerequired and Master’s Degreepreferred (coursework in areas of study, including but not limited to decision information sciences, computer science, computer engineering, management information systems, business, accounting, or finance).
10+ years of related work experience;
8+ years of related audit or applicable business experience; 3 or more years in a management role and 4 years of public accounting experiencepreferred.
CISA, CISSP, ITIL, CIA, or CPA/CA certification required. Based on an individual's professional background, area of specialization, or industry focus, we recognize that other certifications, credentials, or experience may be more relevant than the listed certifications and therefore may be acceptable substitutes that will be given consideration upon further discussions.
Higher Education industry experiences a plus.
An in-depth understanding of core information technology processes and controls, current trends in corporate information technology and emerging themes in the market place.
Advanced knowledge of commonly used internal control frameworks, including COSO and COBIT.
Advanced knowledge of audit methodologies and developing key internal audit deliverables, including process flows, work programs, auditreports, and control summaries.
Advanced knowledge of Sarbanes-Oxley Act provisions and methodologies for achieving compliance.
Advanced knowledge of The Institute of Internal Auditors (IIA’s) code of ethics and compliance requirements.
Thorough working knowledge of spreadsheet, database applications, relational databases, and Microsoft Suite of products (Excel and Access).
Ability to handle complex projects in a multi-tasking environment, meeting deadlines and interacting with individuals at all levels within the organization.
Experience in the recruitment and successful placement of IT audit resources at various levels within the organization.
Strong oral and written communication and interpersonal skills to successfully build long-term relationships with colleagues and business partners.
Experience working in diverse multicultural environment.
Strong organizational and time management skills.
Proactive attitude, fast learner, and team player.
Spanish is required; Portuguese a plus.