IT Audit Manager

Under the direction of the Head of Internal Audit, supervise the internal audits of information technology areas of the Bank, its banking centers and subsidiaries in order to ensure compliance with Bank policies and procedures, as well as industry guidelines and best practices (FFIEC, COBIT, ITIL, NIST, ISO, etc).

Responsibilities:

• Responsible for identifying and evaluating relative risks of the various Technology areas of the bank by performing risk assessment analyses to determine the frequency of audits and develop the Technology Annual Audit Plan.

• Planning, scoping and managing the execution of all technology related internal audits at Amerant Bank, its banking centers and subsidiaries.

• Directing the outsourced audit functions, supervising their work to ensure adequate coverage and the quality of audit results

• Overseeing the completion of the bank's Sarbanes-Oxley (SOX), Section 404 walk-through and testing of information technology general controls (ITGCs) in order for management to prepare their year-end FDCIA attestation.

• Responsible for assigning final ratings for each completed audit and submitting them to the Head of Audit for review and approval.

• Mitigating exposure to losses by identifying and evaluating risk and providing audit results and recommendations that improve the efficiency and effectiveness of internal control processes.

• Understanding the audit environment, regulatory requirements and industry practices in order to direct the development of audit programs that include testing for policies, procedures and internal controls that mitigate risk. Keep abreast with industry guidelines and best practices (FFEIC, COBIT, ITIL, NIST, ISO, etc) and other changes, in order to update the audit processes as required.

• Identifying, assessing, and reporting to the Head of Internal Audit any current or prospective risks related to the Bank's Technology areas, as a result of changes in the environment or non-compliance with internal policies and procedures or industry best practices.

• Responsible for planning and scheduling internal audits of Technology areas to meet the annual audit plan by implementing a risk-based audit approach while considering staffing availability and audit priorities.

• Leading the performance of audit procedures, developing criteria to review and analyze relevant information, evaluating evidence, identifying and defining findings and recommending corrective actions, and ensure their implementation by testing for their completion in each consecutive audit.

• Verifying audit work, including report draft, fieldwork tests, accuracy and completeness of work papers, audit findings, conclusions, recommendations. Leading initial audit meetings and final exit meetings with audited managers.

• Ensuring the quality of the workpapers in accordance with the Professional Standards for the Practice of Internal Auditing.

• Communicating effectively and professionally with area Managers during audits to ensure effective, professional, and productive communication resulting in perceived value-added to the organization.

• Serving as liaison for Technology audits with examiners from the Office of the Comptroller of the Currency (OCC), and the Federal Reserve Bank during examination of the Bank and the Agency; prepare and provide information as requested.

• Responsible for creating or updating audit programs for the Operations and IT areas, ensuring proper coverage.

• Reviewing the Management Action Plans submitted by the audited managers to determine if the responses adequately address the recommendations. Approve or decline the Management Action Plans received.

• Support the development of Internal Audit technologies to gain operational efficiencies. These technologies may include the Internal Audit Management and Workflow tool, Internal Audit risk sensing dashboards, Data Analytics development, AI and/or other technologies that would improve audit performance and reporting.

• Identifying, evaluating, monitoring and making any recommendation deemed necessary to their respective Risk Committee in order to assess, reduce, eliminate or control any current or prospective risks to earnings or capital arising from violations of, or nonconformance with, laws, rules regulations, prescribed practices, internal policies and procedures or ethical standards.

• Monitor, track and validate issues identified in prior technology audits for proper closure.

Minimum Education and/or Certifications Requirements:

Bachelors' Degree plus related post-graduate degree or certification, such as CISA, CIA, CISSP or MBA.

Minimum Work Experience Requirements:

At least 10 years of banking experience, with a minimum of 6 years internal audit experience in the area of information technology. Minimum 4 years managing staff and third-party vendor relationships, interacting effectively with all levels of management.

Technical and/or Other Essential Knowledge:

Advanced information technology and banking knowledge, organizational and project management skills, training and analytical skills, independent thinker, ability to multitask. Ability to analyze problems and recommend solutions. Ability to manage, coach and guide staff. Ability to communicate clearly and professionally. In-depth knowledge of specific areas of supervision: Bank Operations and Technology. Previous experience with Lotus Notes, Internet and MS Office Skills, including MS Word Advanced, MS Excel Advanced, MS PowerPoint Advanced, MS Project Advanced and MS Visio Advanced required.