Internal Audit Technology - Associate

About The Position

Requirements

• Prior experience in the audit of functions within a large financial institution. The candidate should have many of the skills and qualifications listed below:
• A good understanding of key processes, risks and controls in a large financial institution, with a preference for knowledge and experience of Technology Infrastructure, Information Security and Cloud audits.
• Experienced in understanding, assessing and documenting relevant risks and controls preferable for Broker-Dealer or Financial Services.
• Experience in and ability to discuss risks and control issues effectively with senior auditees.
• Strong understanding of the use of technology, relevant risks, and control processes.
• Firm understanding of project management and systems development processes.
• Experience with applications and technology infrastructure typically employed to support an Investment Bank / Broker-Dealer.
• Strong knowledge of IT security, including both technical and business controls.
• Firm understanding of technology including Linux, Windows, Messaging Infrastructure, Collaboration Tools, Cloud Infrastructure, Remote Access Technologies and Networking products.
• Demonstrate ability to work across teams and multi-task.
• Confident manner and well-developed communication (both verbal and written), influencing, interpersonal and project management skills.
• Experience in assessing controls based on NIST, SANS, ISO2700 or other leading cyber security frameworks.
• Good understanding of US market structure, and the regulatory compliance environment, including SEC and CFTC regulatory requirements applicable to the global markets in the US.

Nice To Haves

• Relevant certification or industry accreditation (CISA, CISSP, CISM, securities licenses, etc.) is a plus but not required.

Responsibilities

• Assist in the scoping and execution of assurance work in regional and global audits.
• Assess risks and evaluate the strength and viability of control structures and procedures within Technology.
• Ensure all audit work is executed in accordance with Departmental Audit Methodology and documentation standards.
• Stay actively engaged in all phases of assigned audits, from audit planning through testing, completing workpapers, drafting and clearing audit issues with stakeholders, and monitoring own time against budgets and deadlines.
• Monitor issue remediation status monthly and verify that issues are remediated prior to closure.
• Develop and assist in the implementation of effective data analytics and automated testing to identity internal control weaknesses during Internal Audit reviews and continuous auditing.
• Remain current on any changes to Nomura’s risk profile through continuous monitoring the assigned area of responsibility and establishing close contact with Technology stakeholders. This includes assessing operational risk events and other key metrics and updating the audit risk assessments appropriately.