Internal Audit Manager, Vice President - Issue Validations - Technology

About The Position

Requirements

• Demonstrated experience leading end-to-end technology audit or validation work (planning, testing, documentation, and reporting) with accountability for final conclusions and workpaper quality.
• Demonstrated experience assessing and validating remediation of technology controls across cloud and infrastructure, identity and access management, application delivery, software development lifecycle, etc.
• Proven ability to lead and oversee junior team members, including assigning work, providing direction, reviewing workpapers, and ensuring consistent execution across work performed by Associates/Analysts.
• Strong risk and control judgment, including the ability to evaluate evidence and determine whether remediation is sustainable and reduces residual risk to an acceptable level.
• Strong stakeholder management skills, including the ability to influence outcomes, manage difficult conversations, and provide independent challenge while maintaining constructive partnerships.
• Excellent written and verbal communication skills, including the ability to produce clear documentation that is re-performable and aligns to firm standards.
• Strong execution discipline, including the ability to manage multiple concurrent deliverables, meet deadlines while maintaining quality.

Nice To Haves

• Knowledge of technology risk coverage across domains such as cyber security, infrastructure/operating systems, network security, data management, platform engineering, third-party technology risk, and endpoint controls.
• Demonstrated experience testing cloud controls, including governance/guardrails, configuration assurance, logging and monitoring, vulnerability/patch management, key management, and resilience patterns.
• Demonstrated experience testing Identity and Access Management (IAM) controls, including joiner/mover/leaver, privileged access, authentication/authorization, access provisioning, periodic access recertification, and segregation of duties.
• Demonstrated experience testing application and SDLC controls, including change management, CI/CD governance, code promotion controls, secure SDLC practices, configuration management, production access, and application logging/monitoring.
• Experience applying AI-assisted capabilities in a controlled environment to enhance audit planning, testing consistency, and documentation quality and/or experience with advanced analytics techniques and tooling used in audit/testing contexts to improve testing efficiency and risk coverage.
• Relevant professional certifications (for example, CISA, CISSP, or equivalent), or demonstrated commitment to continuous learning in technology risk and controls.
• Experience operating within large, complex financial institutions and navigating governance, regulatory expectations, and multi-stakeholder delivery environments.

Responsibilities

• Lead technology issue validations end-to-end, including scope definition, test strategy, execution, documentation, and reporting of final validation conclusions.
• Assess whether remediation demonstrates effective and sustainable control performance by testing both control design and operating effectiveness, and by evaluating evidence sufficiency to support a conclusion on residual risk.
• Review Associate/Analyst workpapers to ensure accuracy, completeness, and re-performability, and that the overall work product meets Internal Audit standards.
• Coach and develop Associates/Analysts through hands-on guidance, structured feedback, and knowledge sharing to foster testing discipline, professional skepticism, and written communication.
• Drive timely resolution of open items by proactively engaging stakeholders on evidence gaps, remediation scope, sustainability concerns, and control intent; escalate disagreements through appropriate governance when required.
• Draft and deliver clear, concise validation documentation and reporting packages that articulate testing performed, results, exceptions, and final conclusions in a manner suitable for oversight and re-performance.
• Partner with technology and business stakeholders to understand remediation actions and implementation details while maintaining independence and providing credible challenge to ensure outcomes align to risk and control objectives.
• Manage multiple concurrent validations by prioritizing work across assignments, tracking milestones, and ensuring delivery against committed timelines without compromising quality.
• Contribute to validation portfolio planning and forecasting with the Issue Validation Director and Global Technology Audit COO, including intake assessment, sequencing, and capacity planning.
• Apply AI-enabled tools and data analytics to improve test coverage, evidence quality, and documentation consistency, while adhering to firm policies on model use, data handling, confidentiality, and audit standards.

Benefits

• comprehensive health care coverage
• on-site health and wellness centers
• a retirement savings plan
• backup childcare
• tuition reimbursement
• mental health support
• financial coaching