Information Systems Audit Manager

About The Position

Requirements

• Bachelor’s degree in information systems, computer science, or a related field.
• Over six (6) years of progressive IT/Technology audit experience, including four (4) years of experience leading people.
• Completed or in-progress certifications: CISA, CISSP, CISM, CPA.
• Strong knowledge of IT General Controls, application controls, and SOX404.
• Experience in performing audits using recognized control frameworks (e.g. NIST, COBIT, CMMC, FedRAMP).
• Proficiency with Microsoft Office and audit tools such as HighBond/ACL.
• Excellent written and verbal communication skills, with the ability to influence at all levels.
• Occasional travel may be required.
• Must live local to the Buffalo, NY area to work onsite.

Responsibilities

• Lead end to end technology and information systems audits, including risk assessment, scope definition, execution, reporting, and follow up.
• Independently determine the depth, breadth, and focus of audit testing based on risk and business impact.
• Evaluate the design and operating effectiveness of IT general controls, application controls, and technology-enabled business processes.
• Assess risks related to system development, implementation, change management, access security, data integrity, and system availability.
• Perform audits aligned to recognized frameworks such as NIST, COBIT, CMMC, FedRAMP, and SOX404.
• Identify control gaps, assess exposure, and provide practical, risk-based recommendations.
• Apply professional judgment where criteria or standards are not clearly defined.
• Evaluate audit results holistically, considering management’s perspective, business objectives, and operational realities.
• Recognize when specialized expertise is required and coordinate with internal or external resources.
• Communicate audit results clearly and persuasively, both written and verbal, to technical and non-technical stakeholders.
• Build trusted relationships with IT leadership, cybersecurity teams, and business partners.
• Present complex technology risks in a manner that enables informed decision making.
• Leverage audit analytics and technology to increase coverage, efficiency, and audit quality.
• Contribute to the development of enterprise-wide IT policies, standards, and governance practices.
• Recommend and implement improvements to internal audit methodologies and processes.
• Actively engage in professional development and encourage innovation within the audit function.

Benefits

• Financial Rewards: great compensation package, annual profit sharing, matching 401k and the ability to participate in Employee Stock Purchase Plan, Flexible Spending and Health Savings Accounts
• Work/Life Balance: Flexible paid time off, holidays and parental leave program, relocation assistance
• Health & Welfare: Comprehensive insurance coverage including medical, dental, vision, life, disability, Employee Assistance Plan (“EAP”) and other supplemental benefit coverages
• Professional Skills Development: Tuition Assistance, mentorship and coaching opportunities, leadership development and other personal growth programs
• Collaborative and Welcoming Workplace: Inclusive culture rooted in our values, enhanced by Employee Resource Groups, and team-building activities.