Financial Services Cybersecurity Internal Audit Manager
About The Position
At Crowe LLP, we bring deep industry specialization and functional expertise to help financial institutions stay ahead of evolving risks. We are seeking a Financial Services Cybersecurity Internal Audit Manager to join our growing team of professionals focused on delivering high-quality, technically rigorous internal audit services in the cybersecurity domain. As a Manager, you will work directly with client stakeholders to understand their cybersecurity internal audit needs, collaborate with internal audit team members to plan and execute engagements, and deliver high-quality findings and recommendations that enhance the client's security posture and compliance efforts.
Requirements
- Minimum of 5 years of total professional experience, including:
- At least 3 years of hands-on experience performing internal audits, specifically in cybersecurity, IT general controls, or infrastructure risk within a financial services or consulting environment.
- Strong working knowledge of cybersecurity operations, controls, and governance practices.
- Demonstrated ability to independently complete audits from planning through reporting, with minimal oversight.
- Excellent written and verbal communication skills, especially in documenting observations and explaining results to clients.
Nice To Haves
- One or more relevant professional certifications: CISSP, CISA, or equivalent.
- Experience working with or auditing to financial services regulations and guidelines (e.g., OCC, FDIC, FFIEC, NYDFS).
- Prior experience at a public accounting or advisory firm delivering internal audit services to banking, insurance, or fintech clients.
Responsibilities
- Planning and executing internal audits across cybersecurity and IT infrastructure domains, including:
- Security Operations Centers (SOC)
- Data Services and Data Governance
- Third Party Risk Management (TPRM)
- Cyber Resilience and Incident Response
- Infrastructure risk control frameworks, including second line of defense (2LOD) review
- Infrastructure-level Incident and Problem Management
- Integrated Cyber Auditing alongside business and operational auditors
- Assessing design and operational effectiveness of technical cybersecurity controls against regulatory expectations and industry frameworks (e.g., NIST CSF, COBIT, ISO 27001).
- Preparing thorough audit documentation, reports, and deliverables independently and on schedule.
- Communicating audit procedures, findings, and recommendations directly to client stakeholders, including both technical and non-technical audiences.
- Maintaining audit quality and responsiveness throughout the engagement lifecycle, ensuring client satisfaction and confidence.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
