Internal Audit is a global area of over 700 people with a multidisciplinary, dynamic and flexible team of professionals whose knowledge and expertise covers all the organization’s areas and activities in multiple countries.
As the third line of defense, Internal Audit’s (IA) mission is to independently assess the firm’s overall control environment, including the firm’s governance processes, controls, and risk management framework. Additionally, the purpose of Internal Audit is to help the BBVA Group accomplish its objective by providing a systematic and disciplined approach to assess and improve the effectiveness of its risk management, control and governance process.
About the role:
Based in New York, NY you will be responsible for executing and managing the internal audit activity for BBVA US Technology Risk with direct reporting to senior management. The candidate has to demonstrate strong experience and knowledge of Technology and Cybersecurity Risk.
You will also be integrated into all types of projects and activities where you will learn multiple processes that support the activity of a large financial institution such as BBVA S.A..
What are we looking for?
We are seeking a highly skilled and experienced Technology Risk Internal Audit Manager to join our team. The candidate will be responsible for evaluating and improving the effectiveness of risk management, control and governance processes within our CIB US operations.
Capacity for analytical and critical thinking and autonomous decision-making. Strong attention to detail and ability to work individually and as part of a team.
As IT Auditor Manager, you will be responsible for the planning, execution, and reporting of audits based on identified risks to provide assurance on the quality and effectiveness of internal control, IT risk management and governance processes.
If you like to be part of a dynamic and multidisciplinary team, in a collaborative environment, and you are passionate about challenges and curious to learn new things, we want to meet you. We’re looking for an enthusiastic person, who has the following characteristics:
Responsibilities
- Conduct risk assessment, continuous monitoring and audit plans to ensure compliance with regulatory requirements and internal policies and procedures.
- Manage the planning, fieldwork, reporting and follow up phases of the internal audit activity to evaluate the internal control processes.
- Responsible for executing audit engagements regarding information systems, management procedures and Cybersecurity controls as they relate to effectiveness and compliance with bank policies, regulations and best standards.
- Evaluate the design and operating effectiveness of the internal control environment to ensure compliance with Technology and Cybersecurity policies and regulations. Able to identify relevant risks and to properly document the audit process.
- Identify and communicate Audit findings to Management, including recommendations for corrective actions. Follow up on Audit findings to ensure timely and effective resolution.
- Stay current with regulatory changes and industry best practices to ensure audits are conducted in accordance with relevant standards and risks. Research current laws, rules, and other regulatory requirements to ensure Internal Audit coverage.
- Develop partnerships with line of business by understanding their initiatives and key business processes and disseminate the information to internal audit management and the audit team.
- Collaborate with other internal audit team members to promote effective risk management practices. Additional responsibilities will include supporting other audit teams from time to time.
- Collaborates with a line of business and other auditors to achieve objectives and to develop partnerships.
- A sound technical knowledge and strong relationship and communication skills are necessary, in order to build productive relationships with our partners and help us become a value-added resource. A results-oriented approach to your job and a focus on improving the quality of your work are key to success in this role.
Education / Experience / Requirements:
- Bachelor’s degree is required. Preferred areas of study are Computer Science, System Engineering, Management Information Systems, or other related fields.
- CISA certification is a must.
- A professional designation such as CISSP, CISM, CIA, etc. is preferred.
- Minimum of 8 years of experience in Internal or External Audit. It will also be considered technology risk analysis area (admission or risk monitoring) or in IT risk control area with capacity for the identification, measurement and analysis of IT risks
- Experience in business continuity/disaster recovery or infrastructure component auditing is preferred.
- Supervisory experience is preferred.
- A solid foundation in the technical aspects of auditing (knowledge of general accounting, business processes, internal controls and risk assessment).
- Communication skills are necessary to articulate insight gained from analysis, by expressing the work done both orally and in writing, in an accurate, clear and concise manner, assignments may require communicating findings to senior management.
- Strong collaboration and problem-solving skills.
- Occasionally available to travel.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
With respect to this position in our New York Office, the expected base salary ranges from $150,000 to $190,000. It is not typical for offers to be made at or near the top of the range. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, successful candidates are eligible to receive a discretionary bonus.
*Employment eligibility to work with BBVA in the U.S. is required as the company will not pursue visa sponsorship for these positions