This is a flexible / hybrid model. Three days onsite and 2 days work from home
- Being a member of the Internal Audit Team means you will be part of a diverse and collaborative team.
- The IT Senior Auditor role is predominantly passionate about audit projects, participating in planning, driving fieldwork, and assisting with report writing and clearance.
- The primary measure of success is identifying meaningful potential issues about the design and effectiveness of controls, while creating reliable documentation to support conclusions.
- The IT Senior Auditor must manage a number of auditee relationships, be a good team player, and take accountability for their personal growth and professional development.
- Strategic Control Impact - Identifies meaningful issues in which controls are not accurately designed or are not operating successfully. Assesses the risk and control environment for processes within coverage areas. Work closely with auditees to verify timely progress and completion of agreed upon issue closure, under the guidance of a supervisor. Understands the financial services industry and risk and control environment for coverage areas and identifies new risks.
- Audit Execution - Assists an IT Audit Manager with the execution of audit planning, fieldwork, and reporting. Completes risk-focused fieldwork on time and within the allocated budget, notifying the auditor in charge promptly of issues that arise or when budgets or timelines are at risk. Understands and performs root cause analysis for issues. Possesses and demonstrates a strong understanding of audit techniques.
- Quality Process - Demonstrates a solid understanding of our policies, procedures, and documentation standards. Independently prepares work papers that fully comply with IAD policies and procedures. Participates in continuous improvement initiatives. Aligns risk and control processes into day-to-day responsibilities to supervise and mitigate risk; escalates appropriately.
- Minimum 4+ years of related experience.
- A bachelor’s degree is required, preferably with a technology-related major. Certifications related to the candidate’s coverage responsibilities are beneficial, but not required, such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and Certified Information Systems Security Professional (CISSP).
- Previous job experience for IT Auditors can vary to meet the department’s goal of having a team with diverse perspectives and work experiences.
- Capable of identifying, assessing, and advising on risks for large-scale technology projects, IT general controls and completing IT process audits (e.g., SDLC, Change Management, Logical Security, Business Continuity/Disaster Recovery, and Incident/Problem Monitoring), as well as reviewing application-level processes and controls.
- Proficiency in auditing cyber security and infrastructure components is a plus (e.g., Mainframe, Unix/Linux, Windows).