Our client, a Fortune 500, is looking for an IT Audit Manager to join their growing.
06th January, 2022
Location(s): Roseland, NJ or Norfolk, VA. Hybrid (2 days a week in office right now w/ flexibility on days chosen)
Job Description & Synthesis
Our client is currently hiring an Information Systems (IT) Audit Manager to join their Internal Audit team. The qualified candidate will execute integrated operational audits of business units, products, activities, and functions. The candidate will also be actively engaged in the audit process from planning to issuance of the audit report.
Manage all aspects of an audit (Planning, Fieldwork, & Reporting), in accordance with departmental guidelines.
Serve as the project manager for small to large audits with moderate to high complexity and perform special reviews and other related duties, as assigned.
Lead multiple projects simultaneously and effectively manage timelines in order to deliver high quality work products in a timely and efficient manner with limited supervision.
Conduct comprehensive reviews of audit areas to define scope, analyze risks, identify opportunities for improvement, and provide value-added recommendations.
Review and provide project-level feedback on audit documentation prepared by associates including, Audit Planning Documents, Audit Announcement letters, and Audit Work Programs ensuring complete coverage and analysis of key areas.
Analyze data sets to identify trends within a population that can provide key risk insights.
Lead meetings, interact / communicate with all levels of the organization, and develop value-added relationships with process owners and business unit management.
Discuss test results and audit findings with IAD management and relevant stakeholders in a timely manner.
Draft observations and recommendations to resolve or prevent errors and enhance controls within the audited entity.
Provide timely status reports to the Director.
Act as a department resource for knowledge in critical subject matter areas and/or key business processes assigned
Facilitate teamwork by contributing to team efforts, sharing responsibility for team results and exhibiting a positive attitude.
Improve and enhance technical proficiency by completing 40 credit hours of applicable training courses per year.
Moderate out of town and local travel, estimated at 15-20% per year
5+ years of progressive audit experience, preferably in a Big 4 Public, National Accounting, or comparable business experience preferred.
Bachelor’s degree in Business, Computer Science, Computer Information Systems, or other related degree is required plus one professionally recognized certification in Internal Auditing or IT Security (CISA, CISM, CISSP, or equivalent certification).
Familiarity with relevant frameworks and methodologies related to IT auditing (i.e., AGILE Auditing, CSA CCM, CoBIT, GDPR, ISO, NIST, SSAE-18, and SOC-2).
Experience in a variety of common platforms, such as Windows, Active Directory, UNIX, Linux, AS/400, z/OS.
Strong analytical skills.
Proficiency in the following areas:
IT general control auditing
IT application controls review
Business process improvement
Microsoft Office Suite (Excel, Visio, PowerPoint, etc.)
Enthusiastic, self-motivated, effective under pressure, and willing to take ownership of assigned tasks
Ability to multi-task and proactively manage workload with competing priorities
Ability to work independently and proactively to execute critical tasks
Proactive, organized, detail-oriented, and capable of completing a diverse workload timely
Excellent interpersonal, verbal, and written communication skills.
Strong project management, time management, and prioritization skills
Excellent critical thinking, analytical, and problem-solving capabilities
Strong work ethic with self-accountability for high-quality deliverables and achieving departmental goals
Moderate out of town and local travel, estimated at 25% per year.
Preference will be given to candidates who have the following:
Solid understanding of internal control concepts with the ability to evaluate and determine the adequacy of controls by considering business and technology risks in an integrated manner
Knowledge of system development life cycle (SDLC) concepts with an ability to quickly learn about complex systems