Lead IT Auditor
New York, NY 10017 US
Mid-sized Asset Management Firm seeks Lead IT Auditor,
This is a full time direct hire role with a very high end firm that that hires the best of the best and offers interesting work, competitive compensation and great benefits package.
You will be primarily responsible for executing and project managing Information Technology audit engagements including preparation of detailed work papers supporting the audit results and audit reports inclusive of management action plans. This will involve supervision of the execution of assigned audits, including planning, fieldwork, reporting, and issue tracking and follow-up.
Great career opportunity with the opportunity for career advancement and promotion.
In summary you will:
- Perform all phases of the IT audit process
- You will be assigned to assess the GRC processes of the Information Technology / Information Security Groups, including general controls, technology infrastructure (Network, Databases, Servers, OS, Data Centers,…), disaster recovery, applications controls, SDLC and pre/post implementation assessments of new business initiatives where Information Technology is a key component.
- Assess the state of governance, risk management and internal control (GRC) processes to identify internal control gaps or weaknesses related to key IT risks (including awareness of risks both within span-of-control as well as enterprise-wide) including issues tracking and validation, continuous monitoring, auditable entity/key project/key IT application risk assessments, etc.)
- Ensure that audit documentation is adequately and timely documented and signed off prior to report issuance and in anticipation of audit quality assurance reviews.
- Contribute to the strengthening of the Internal Audit function by introducing innovative audit concepts and technique related to IT Audit, including internal controls best practices.
- Advance the internal control environment for IT through credible challenge and the identification, reporting and tracking of high impact risk issues that align with industry best practices and regulatory requirements.
- Report results of audit work in an effective and timely manner, leading to appropriate remedial action and ongoing management of risk.
- Provide big picture thematic assessment of the GRC processes as well as to elaborate on the details supporting the high-level assessment. The result of the execution of the assigned IT audit activities will require a root-cause analysis of the factors that led to the identification of internal control gaps or weaknesses.
- Draft audit findings, actively and promptly discuss them with management, and provide the final product for incorporation into final audit report. When presenting internal control gaps or weaknesses identified in the course of the audit activities to management and advise management on the scope of the corrective actions
- Contribute with the Third Line of Defense assessment of management plans to respond to regulatory issues and inquiries.
- 7+ years of relevant audit work experience in the financial industry that includes 3+ years of experience of IT Audit of technology functions (Asset Management, Trading, Trust, Custody, Securities Lending, Risk, Treasury, Finance, Human Resources) and the regulatory environment specific to these areas
- Deep understanding of relevant regulatory expectations is essential to execute the audit engagements.
- Must be an active critical thinker, intellectually curious and professionally tenacious.
- Microsoft Windows, Word, Excel, Outlook, Access, Power Point Internet Explorer, and Visio.
- Active professional certification(s) in public accounting or internal auditing required, CIA and/or, CISA preferred but some combination of hands-on IT audit and other certifications such as as CISSP, CISM, CGEIT, CRISC is OK.
- Bachelor's Degree or an advanced degree with Computer Science, Economics, Math, Finance, Accounting or a related quantitative course of study required, Master's Degree in Accounting or Business Administration preferred.