Senior Director, Internal Audit - Information Technology

Purpose and Job Summary

Senior Director, Internal Audit - Information Technology (Sr. Director, IA - IT) will be an integral part of the internal audit team, responsible for improving the company's information technology operations by evaluating and improving the effectiveness of risk management, controls, and governance processes.

The Sr. Director, IA - IT will execute on the strategic plan for the IT Audit function, develop and propose the IT audit plan, lead and carryout the IT audit plan, and provide regular updates to the CAE and executive leadership. Additionally, will advise on new technology and initiatives from an internal controls perspective, coordinate IT audit activities with external auditors, and manage IT general controls and SOX testing. This role requires effective interaction with IT and business leadership to drive risk mitigation and stay abreast of IT operational changes and emerging technologies. Additionally, the Sr. Director, IA - IT will conduct the annual IT audit risk assessment and monitor the changing technology risk landscape in coordination with IT leadership and the CAE.

Essential Duties & Responsibilities

• Manage the strategic coverage approach for the relevant IT audit universe, including proactive monitoring for changing risks and necessary coverage approach changes.

• Lead updates to the IT risk assessments, audit universe, and audit plan for relevant entities.

• Direct IT and integrated assurance audits, IT SOX program, and advisory projects across the company, including supervising audit teams, which may include third-party resources, and coordinating with business process audit leaders.

• Review IT audit engagement planning documentation and audit programs to ensure adequate coverage of risk and sufficient rationale for audit scope. Maintain close control over budget, schedule, and quality of work.

• Review conclusions and findings for each project conducted, ensuring reports are readable, concise, and accurately reflect findings identified and documented in related workpapers. Ensure related risks, conclusions, and recommendations are reasonable and well-supported.

• Lead pre- and post-implementation audits of new system implementations, expanding ERP footprint, and application re-writes.

• Identify emerging risks and trends in areas of focus related to information technology and take opportunities to present them to relevant leaders within the company.

• Develop an understanding of the organization's business processes, goals, and strategy and provide management with proactive guidance on emerging risks and impact on the internal control environment.

• Establish and maintain good relationships with key business leaders and audit partners. Leverage specialized knowledge and skills, providing management with insight into their area of subject-matter focus, building trust and mutual respect.

• Effectively represent internal audit at management meetings, internal forums, as well as to external auditors.

• Manage the relationship with external auditors responsible for the IT components of the external audit.

• Contribute to IA's strategic initiatives to utilize technology to improve efficiency, increase coverage, automate tasks/testing.

• Provide timely feedback, on-the-job training and coaching to audit staff and direct reports. Help team members grow their careers. Maintain an open, inclusive, and trusting team environment.

• Participate in due diligence projects on behalf of Internal Audit, including leading initial IT control reviews.

• Some travel for IT internal audit/SOX, may be required.

• Other projects and duties as assigned.

Contacts

This position has frequent contact with various levels of employees and management including senior management, external auditors, and other third parties.

Education, Skills, & Experience

Required

• Bachelor's degree from accredited four-year university in Management Information Systems, Accounting Information Systems, Computer Science or other IT related discipline.

• 15 or more years of information technology audit experience in public accounting, internal audit, or other related audit experience.

• CISA (preferred), CPA, or CIA certification.

• In-depth technical knowledge of IT audit practices, IT general controls, and SOX.

• Possess strong subject matter knowledge in critical areas of technology infrastructure, information security, and technology service processes.

• Knowledge of internal audit principles (IIA Standards, and COSO) and IT control frameworks (e.g. COBIT, NIST).

• Demonstrated experience in leading and executing all aspects of the audit lifecycle, including planning, risk assessment, scoping, detailed testing and reporting.

• Experience in leadership or management of teams.

• Excellent organizational, communication, presentation, and interpersonal skills with success as an approachable and influential advisor at all levels of an organization.

• Ability to plan, organize, and prioritize assignments, and to meet critical and established deadlines; Ability to manage multiple assignments and transactions simultaneously.

Life at ORIX

We are committed to the health and well-being of our employees and offer a quality, competitive benefits package that provides valuable healthcare and financial protection for our workforce, while emphasizing a healthy work/life balance.

You Time

We want you to have the time needed to recharge and manage life with our competitive vacation policy, floating personal holidays, extensive leave options, our annual observed holidays, and more.

Family Care

Every family has a different journey and ORIX USA Group is proud to offer extensive benefit programs such as: infertility coverage, adoption support, child and elder care, fully paid maternity, and generous parental leave benefits to help you and your families along the way.

Flexible Work Arrangements

ORIX associates enjoy the advantages of our hybrid working model with a 3 day in-office minimum requirement.

ORIX USA is an equal opportunity employer, providing equal employment opportunities (EEO), and is committed to diversifying its workforce. All employees and applicants for employment will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, genetics, sexual orientation, gender identity or expression, pregnancy, protected veteran status or other status protected by law. This policy applies to all terms and conditions of employment.