Being a member of the Internal Audit Team means you will be part of a diverse and collaborative team.
The IT Auditor role is predominantly focused on audit projects, participating in planning, driving fieldwork, and assisting with report clearance.
The primary measure of success is identifying meaningful potential issues about the design and effectiveness of controls and creating reliable documentation to support conclusions.
The IT Auditor must manage a number of auditee relationships, be a good team player, and take accountability for their personal growth and professional development.
Strategic Control Impact - Identifies meaningful issues in which controls are not accurately designed or are not operating successfully. Assesses the risk and control environment for processes within coverage areas. Work closely with auditees to verify timely progress and completion of agreed upon issue closure, under the guidance of a supervisor. Understands the financial services industry and risk and control environment for coverage areas and identifies new risks.
Audit Execution - Assists a Senior IT Auditor or IT Audit Manager with the execution of audit planning, fieldwork, and reporting. Completes risk-focused fieldwork on time and within the allocated budget, notifying the auditor in charge promptly of issues that arise or when budgets or timelines are at risk. Understands and performs root cause analysis for issues. Possesses and demonstrates a strong understanding of audit techniques.
Quality Process - Demonstrates a solid understanding of our policies, procedures, and documentation standards. Independently prepares work papers that fully comply with IAD policies and procedures. Participates in continuous improvement initiatives. Aligns risk and control processes into day-to-day responsibilities to supervise and mitigate risk; escalates appropriately.
Minimum 4 years of related experience
Bachelor's degree preferred or equivalent experience
Certifications related to the candidate’s coverage responsibilities are beneficial, but not required, such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Certified Information Systems Security Professional (CISSP).
Previous job experience for IT Auditors can vary to meet the department’s goal of having a team with diverse perspectives and work experiences.
Capable of identifying, assessing, and advising on risks for large-scale technology projects, IT general controls and completing IT process audits (e.g., SDLC, Change Management, Logical Security, Business Continuity/Disaster Recovery, and Incident/Problem Monitoring).
Proficiency in auditing infrastructure components is a plus (e.g., Mainframe, Unix/Linux, Windows).