Financial Services Cybersecurity Internal Audit Manager
About The Position
At Crowe, you can build a meaningful and rewarding career with flexibility, trust, and support for your well-being and growth. With over 80 years of history, Crowe delivers excellent service through innovation in audit, tax, and consulting. The firm continuously invests in AI-enabled insights and technology-powered solutions. Crowe LLP brings deep industry specialization and functional expertise to help financial institutions manage evolving risks. This role is for a Financial Services Cybersecurity Internal Audit Manager to join a growing team focused on delivering high-quality, technically rigorous internal audit services in the cybersecurity domain. As a Manager, you will work directly with client stakeholders to understand their cybersecurity internal audit needs, collaborate with internal audit team members to plan and execute engagements, and deliver high-quality findings and recommendations to enhance client security posture and compliance efforts. You will play a critical role in independently delivering internal audits and advisory engagements across a variety of financial services clients.
Requirements
- Minimum of 5 years of total professional experience, including: At least 3 years of hands-on experience performing internal audits, specifically in cybersecurity, IT general controls, or infrastructure risk within a financial services or consulting environment.
- Strong working knowledge of cybersecurity operations, controls, and governance practices.
- Demonstrated ability to independently complete audits from planning through reporting, with minimal oversight.
- Excellent written and verbal communication skills, especially in documenting observations and explaining results to clients.
Nice To Haves
- One or more relevant professional certifications: CISSP, CISA, or equivalent.
- Experience working with or auditing to financial services regulations and guidelines (e.g., OCC, FDIC, FFIEC, NYDFS).
- Prior experience at a public accounting or advisory firm delivering internal audit services to banking, insurance, or fintech clients.
Responsibilities
- Planning and executing internal audits across cybersecurity and IT infrastructure domains, including: Security Operations Centers (SOC), Data Services and Data Governance, Third Party Risk Management (TPRM), Cyber Resilience and Incident Response, Infrastructure risk control frameworks, including second line of defense (2LOD) review, Infrastructure-level Incident and Problem Management, Integrated Cyber Auditing alongside business and operational auditors
- Assessing design and operational effectiveness of technical cybersecurity controls against regulatory expectations and industry frameworks (e.g., NIST CSF, COBIT, ISO 27001).
- Preparing thorough audit documentation, reports, and deliverables independently and on schedule.
- Communicating audit procedures, findings, and recommendations directly to client stakeholders, including both technical and non-technical audiences.
- Maintaining audit quality and responsiveness throughout the engagement lifecycle, ensuring client satisfaction and confidence.
Benefits
- Comprehensive total rewards package
- Inclusive culture that values diversity
- Career Coach that will guide you in your career goals and aspirations
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
Number of Employees
1,001-5,000 employees
