Manager, IT Internal Audit

Overview

The position will be responsible for leading and executing Information Technology ("IT") audits of critical systems and infrastructure in compliance with Company policies, the Internal Audit Charter and the IIA's Standards for the Professional Practice of Internal Auditing. The position will be responsible for the execution of testing and provide supervision and direction of daily audit work of associated staff related to the risk-based audits and internal controls compliance. The position reports directly to the Staff Vice President, Internal Audit and indirectly to the Senior Audit Manager.

Responsibilities

INTERNAL AUDIT

• Perform control reviews that include processes related to system development standards, operating procedures, system access security and control, program change management, backup and disaster recovery, and system maintenance.

• Lead the execution of IT and operational internal audit activities including risk assessments, scoping, planning, fieldwork, testing, and reporting.

• Constructively work with Business Unit leadership and Internal Audit teams to identify improvement areas, agree upon appropriate corrective actions, facilitate remediation efforts, and monitor progress to ensure that the Company is responding timely to address deficiencies that jeopardize the achievement of its objectives.

• Guide the development and implementation of data analytical audit techniques.

• Encourage the sharing of data analytics best practices throughout the organization and its various locations.

• Provide briefs to, and lead discussion with, local management on all audit issues during the closing meeting.

• Prepare an audit report draft to share with local management. Work with local management to coordinate agreement on all reportable issues, action plans and timing of remediation.

• Oversee the maintenance of a comprehensive departmental policies and procedures manual while ensuring ongoing compliance with the IIA's Standards for the Professional Practice of Internal Auditing.

• Work with Internal Audit management to develop, sustain, and continuously enhance the brand and perceived value of the Department within the Company.

• Interact with senior levels of management (CIO, CFO, Controller, etc.) to communicate audit risks, issues and related corrective actions.

• Interface with the external auditors to ensure adequate IT audit coverage and to encourage the sharing of information where practicable.

• Assist in the development and lead the execution of a comprehensive risk-based audit plan that evaluates the Company's risk management, internal control, and governance processes.

• Lead the annual IT risk assessment and ranking of the information technology environment.

• Assist the Staff Vice President, Internal Audit with the collection and coordination of information and materials for presentation to the audit committee.

• Supervise and assist in the development of other members of the internal audit group.

INTERNAL CONTROLS OVER FINANCIAL REPORTING/SARBANES-OXLEY COMPLIANCE

• Perform activities related to internal controls compliance including risk assessment, control design and test of operating effectiveness. Lead effort to assist key executives in documenting both existing and newly created policies and procedures using established Company standards.

• Lead the execution of appropriate testing strategies and plans to enable management to assess the operating effectiveness of IT general and other controls over financial reporting.

• Constructively work with management to identify areas for improvement, collectively agree upon appropriate corrective actions, facilitate remediation efforts, and monitor progress to ensure that the Company is timely addressing and remediating significant deficiencies and/or material weaknesses.

• Ensure effective coordination with the external auditors to ensure they can place optimal reliance on Internal Audit's IT compliance-related work and facilitate the sharing of process and testing documentation.

• Ensure the seamless integration of the efforts of internal audit and internal control compliance activities to maximize the resources of the Departmental team.

Qualifications

• Bachelor's degree in Computer Science or Accounting.

• CISA, CISSP, CIA or CPA required.

• 5+ years' experience auditing information systems including audit, planning, execution and workpaper documentation

• Risk management and analysis from an IT specific background.

• Project management experience.

• Higher level knowledge of IT security and application development.

• Strong expertise in one or more of the following areas of technology: Infrastructure (e.g. servers, storage, O/S), Network, Information Security, Application Development or Support, Application/Database Architecture.

• Experience building data analytic procedures and using them on audit or investigative initiatives.

• Familiarity with data visualization tools (e.g., Tableau) desirable but not required.

• Familiarity with data analytical tools (e.g., ACL, IDEA, Python) desirable but not required.

• Experience with database management systems, data warehousing, query languages, report generators desirable but not required.

• Excellent oral and written communication and presentation skills, strong analytical skills, ability to maintain composure under pressure, and a proactive approach to problem-solving and the overall execution of job responsibilities are all essential qualities necessary to be successful in this position.

• Strong familiarity with Control Objectives for Information and Related Technology ("COBIT")/National Institute of Standards and Technology ("NIST") framework and other professional auditing standards.

• Demonstrated knowledge of SOX/Internal Controls compliance frameworks (e.g., COSO).

• Strong organizational and leadership skills with the ability to develop talented individuals.

• Ability to inspire a strong spirit of cooperation among the management team and Internal Audit staff while embracing the Department's philosophy of continuous improvement and disciplined process execution.

• Ability to provide sound business judgment and strategic thinking to enable the Company to create and sustain a "world class" internal control and risk assurance environment.

• Proficiency with Microsoft ("MS") PowerPoint to create executive-level presentations.

• Proficiency in advanced functions of MS Excel and/or Access to develop and support data analysis and reporting.

• Ability to travel approximately 5% - 10% is required.

• Availability to work overtime as required.

Salary Range: $106,000 - $143,000

Financial offer within the stated range will be based on multiple factors to include but not limited to location, relevant experience/level and skillset.

The Company is an Equal Opportunity Employer. It is our policy to afford equal employment opportunity to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, national origin, citizenship, place of birth, age, disability, protected veteran status, gender identity or any other characteristic or status protected by applicable in accordance with federal, state and local laws.

If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law document at http://www1.eeoc.gov/employers/poster.cfm.

To view our Pay Transparency Statement, please click here: Pay Transparency Statement