The successful candidate will have the opportunity to work in a fast-paced and highly complex environment. The IT Internal Audit Manager is responsible for the execution of technology audits, both as a leader and a contributing team member, and participates in all aspects of audits including planning, scoping, control design analysis, testing, issue development and reporting.
This individual will be responsible for understanding, analyzing and overseeing the testing of technology controls, including those over transaction processing to ensure data is secure, accurate, timely and complete. A solid understanding of cybersecurity risks, vulnerability assessments, penetration testing, technology risk management, general IT controls (system development life cycle, change management, logical and physical access, backup and recovery, monitoring, etc.), network administration, operating systems (Windows, Linux, Unix), and database administration is essential. Knowledge and understanding of emerging technologies (e.g., cloud and mobile computing platforms), IT Service Management practices (governance, process, roles and responsibilities, metrics, etc.) and understanding and awareness of governance, risk and compliance (GRC) concepts and practices is preferred.
He or she must have the ability to effectively lead, mentor and develop other audit team members and help build an engaged and fulfilled audit team.
•Conduct information technology and information security risk assessments and provide suggestions for the annual audit plan
•Maintain up-to-date knowledge of the Company’s IT infrastructure and applications, and IT security standards
•Plan and lead audit assignments in an efficient, timely, and professional manner in accordance with the Institute of Internal Auditors (IIA) standards
•Use strong project management skills to actively monitor project status including milestones and budgets, while ensuring overall quality of work
•Provide appropriate direction and guidance to audit project teams
•Evaluate processes to determine adequacy of controls, compliance with policies and procedures, and comparison to leading practices
•Ensure that audit project teams create accurate, logical and detailed work-papers clearly describing the work performed, results of testing and conclusions reached
•Provide recommendations to management for strengthening controls, ensuring compliance with policies and procedures and enhancing operations
•Prepare comprehensive written and oral audit reports detailing the results of the audit
•Work with management to develop acceptable solutions to address issues or gaps identified
•Plan and oversee the execution of follow-up work to ensure adequate remediation of gaps by management
•Establish strong working relationships and positive rapport with the audit team, management, and external auditors
•Demonstrate a strong awareness of information technology and information security risks and controls
•Remain current with information technology and information security risk and controls through ongoing professional education