IT Senior Audit Manager
SUMMARY: Under the guidance and direction of the Chief Audit Executive, the IT Senior Audit Manager has primary responsibility for audits of information systems, application design and project development. The scope of these activities includes complex audits related to general data centers, system applications, web based applications, IT infrastructure, IT Governance, and Information Security, inclusive of Cyber Security. Responsibilities culminate in the assessment of the overall condition of IT operations, evaluation of risk and oversees the communication of findings to Bank senior management and the Audit Committee. In conjunction with the CAE, develops and assures execution of the department’s annual audit plan for information technology based on the risk- based methodology, key stakeholder needs, and staffing analysis. The Senior IT Audit Manager will guide and augment the use of information systems and technologies by the Internal Audit staff, increasing the overall efficiency and effectiveness of internal audit activities. The successful candidate should possess a strong work ethic and significant IT management experience, demonstrating the technical, administrative, and people skills necessary to effectively manage IT audit projects. The individual should have an excellent understanding of IT controls and internal audit, and will have an important role in branding Internal Audit Services, championing IT controls and governance concepts throughout the business.
Bachelor's degree in Accounting, Finance, Information Technology or other relevant field
Six or more years of audit, financial, insurance, banking, information technology or related business experience
Advanced knowledge of Audit theory, IIA Professional Standards, and demonstrated experience in audit execution
Advanced level business acumen in business operations, industry practices, and emerging trends
At least 8 years related work experience (IT, IT audit, banking, or public accounting experience in IT), including at least 5 years of internal or external audit supervisory/management experience with increasing levels of responsibility.
Hold a professional designation such as CIA, CISA, CISM or CISSP designation(s)
Advanced knowledge of IT application controls, ITGCs, Cyber Security, Mobile, Virtualization, WebSphere as well as IT infrastructure including databases, networks, operating systems
Experience leading end-to-end engagements as the Auditor-in-Charge (AIC) and/or leadership experience within the information technology or security fields. Comprehensive understanding of risk-based auditing and audit techniques and strong project management skills.
Demonstrated knowledge of internal controls, business and information technology risks and/or audit techniques in a large financial services organization
Skills/Ability: Outstanding oral and written communication skills, as well as strong interpersonal skills with a demonstrated ability to deal effectively with all levels of management and staff. Strong organizational and supervisory skills necessary to motivate, develop, train, and supervise audit staff.
Excellent analytical, critical thinking and problem-solving skills. Must be a team player. Ability to perform assigned duties with minimum supervision. Ability to travel, including occasional overnight.
Oversees and delivers audits of business, Information Technology Risk and Information Security processes/practices, and major business/IT projects to ensure compliance with Bank Policy, use of compliant best practices, procedural efficiency and accuracy in accordance with the audit plan.
Responsible for the management of a portfolio of audit assignments to ensure that all business and technology risks are anticipated, identified, recognized, and appropriately managed in alignment with the departmental audit plan, stakeholder needs, and other bank initiatives.
Performs risk assessments and develops a quarterly audit plan.
Review or prepares reports of audit findings for business managers and proposes recommendations for changes as needed. Consult with clients in developing action plans to resolve control issues or risks and handles the resolution of high-risk issues with management.
Serve as subject matter expert with managerial responsibilities over aspects of large-scale, most complex, or high profile audits.
Lead multiple projects and communicate appropriately with identified stakeholders within Internal Audit and business management.
Track and follow up on open issues and key business initiatives.
Hire, retain, coach and develop audit staff.
Exercises discretion and good judgment in the performance of essential job functions.
Perform any other related duties as required or assigned.
Has primary responsibility for managing IT audits, provides day-to-day supervision and guidance to the IT staff, including co-sourced arrangements. Performs complex audits, as needed.
The Senior IT Audit Manager will also participate, evaluate, and provide guidance related to IT compliance with Sarbanes-Oxley requirements.