Responsibilities:
- Develop and implement comprehensive internal audit plans for IT security and business applications, in line with industry best practices and regulatory requirements (e.g., SOX).
- Lead and manage a team of internal auditors in conducting risk assessments, control testing, and IT-related audits.
- Identify, assess, and report on IT security vulnerabilities and control deficiencies.
- Recommend and implement improvements to enhance IT security and strengthen controls.
- Collaborate with IT management to address and remediate identified control gaps and security issues.
- Stay informed about emerging IT security threats and industry best practices.
- Effectively communicate IT security and control risks to senior management and the Board of Directors.
- Contribute to audit planning and scoping activities.
- Perform data collection, review, and analysis.
- Conduct interviews with key personnel and observe data management practices.
- Analyze findings to identify gaps or weaknesses, and provide recommendations for improvement.
- Prepare working papers, memos, and draft reports in accordance with internal audit methodologies.
Knowledge, Skills, and Abilities:
- Experience in Internal Audit at a large financial institution, either in a consulting capacity or as an internal employee.
- Proficient in Governance, Risk, and Compliance (GRC) technologies.
- Strong communication, interpersonal, and leadership skills.
- Analytical mindset with strong problem-solving abilities to develop well-reasoned solutions.
Education, Training, and Experience:
- BS or MS in Computer Science or a related field, along with relevant industry certifications.
- 5+ years of experience in internal auditing, with at least 3 years focused on data management (e.g., Data Privacy, Data Quality, Data Security, Data Governance).
