Are you looking for a position that will leverage and grow your technology skills, expand your knowledge of the financial services business, and give you the opportunity to problem solve with some of the best minds in the financial services and technology industries? There is no better place to drive value-added solutions for improving internal controls than to operate at the nexus of technology and business as a technology auditor at with us!
This mission is accomplished through:
Assessing the adequacy and effectiveness of controls, risk management, compliance and governance processes
Responding to change with a sense of urgency through continuous risk assessment and resource allocation
Providing audit advisory services on new and changing products and systems
Developing talented professionals for audit and leadership positions
Our primary motivation is to drive positive change throughout the firm. The Information Technology Audit group is responsible for providing the specialized IT audit skills required to assess and evaluate controls over our corporate-wide systems infrastructure environment and system development efforts in support of our businesses.
The Expertise You Have
BA/BS or Graduate Degree in computer science, information technology, information security or related field of study.
Professional audit or information security certifications (GIAC, CISSP, CISA, CISM, and/or CRISC)
7 - 12 years’ experience in technology audits, systems engineering, or related fields.
Proven problem solving, analytical, organizational, and project management skills
Experience with complex and integrated processing environments supporting finance, human resources, risk, and compliance functions
Knowledge of enterprise technology risk management processes
Outstanding oral and written communication skills
Experiential understanding of application development, databases, web application technology, Oracle, PeopleSoft, and secure application development (SSDLC).
Understanding of Cloud Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS), virtualization, and DevOps Tools used in traditional and cloud based environments.
Experiential understanding of solutions that enable and automate security such as authentication, authorization, and accountability.
Experiential understanding of Artificial Intelligence, Machine Learning, Data Science and robotics.
Experiential understanding of security monitoring activities that enable vulnerability, internal/external threat monitoring, incident management and intelligence activities
Self-motivation and the ability to work under minimal supervision
Travel – Estimated up to 20% percent annually including training and corporate events
You are responsible for evaluating risks (external & internal threats, platform & application vulnerabilities, data protection, etc.), testing controls designed to mitigate risk, communicating issues and findings to management, devising solutions for business improvements, and following-up on corrective actions. The Audit Manager will need to work effectively in a team setting and the opportunity requires the team member to:
Participate on and lead professional teams to execute technical audit projects focused on evaluating the design and effectiveness of application, infrastructure, and cyber security controls and processes.
Identify and address systemic gaps in technology risk management. Develop data analysis and apply leading edge and other automated tools to provide management with proper context of potential exposure to control weaknesses.
Develop an ongoing trusted advisor relationship with internal clients and Internal Audit business unit colleagues to ensure timely and consistent controls advice.
Collaborate with business, technology, security, legal, and privacy practitioners to evaluate initiatives that protect employee and customer privacy.
Collaborate with application developers, system architects, engineers, and security practitioners to perform readiness assessments of pre-production applications and systems.