• Participate in planning and audit scope development as well as project execution as a critical team member on complex technology-related assessments.
• Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where requested.
• Provide reports on the effectiveness of the business unit's internal control structure along with recommendations that improve the effectiveness, efficiency and economic value of a control or process.
• Assess audit findings / gaps including control weaknesses with an appropriate degree of professional skepticism, seeking to fully understand risks to the firm. Assist technology partners with the development of Management Action Plans to mitigate weaknesses, providing thought leadership on the appropriateness of the Plan.
• Evaluate the adequacy and timeliness of management's response and the corrective action taken on relevant weaknesses noted within audit reports.
• Provide control consulting services to management to assist in redesign efforts that improve the control environment.
• Maintain business relationships with appropriate levels of management to ensure that Audit is aware of changes in business activities and objectives, and a necessary Audit response is developed.
• Assist audit management with macro reporting by providing data relevant to technology audit findings.
• Promote new ideas and new ways of executing projects and internal infrastructure enhancements.
• Demonstrate commitment to and Internal Audit’s strategic vision, be a self-starter, and promote project ownership and responsibility for actions. Interact with Audit project team members in working towards Departmental goals.
• Bachelor's or Master’s degree in computer science, management information systems, or in STEM (Science, Technology, Engineering, or Math).
• 5-10 years of deep technical experience in one of more of the following domains: information security, distributed operating systems, databases, network technology, mobile payments, tokenized services, cloud-based and virtualized environments, IBM mainframe, or Hadoop.
• Experience evaluating system controls associated with complex business applications.
• Strong time management skills.
• Excellent written and oral communication skills.
• Ability to travel domestically and internationally approximately 10 - 25%.
Highly desirable:
• IT Audit certifications or other audit related certifications (e.g., CISA, CFE, etc.).
• Technical certifications or other information security certifications (e.g., CISSP, CEH, CISM, etc.).
• Project Management certifications (e.g., PMP, Prince2, etc.).
• Work experience in a large financial institution or a matrix organization.