IT Audit Director

About The Position

Requirements

• BA/BS/MS in Technology, Information Systems, Cybersecurity, or related field of study.
• 12+ years of experience in performing and independently leading complex information technology audits, preferably financial services.
• Manage and perform data driven risk-based audit assessments of key systems and applications, drafting audit reports, and liaising with and reporting to senior executives on audit results and corrective actions.
• Team leader who takes initiative and works constructively to achieve team goals.
• Experience working with and understanding the needs of clients.
• Ability to work on multiple tasks and prioritize as a team leader.
• Expert knowledge of cloud security, containerization, API, DevOps, secure software development, application security, databases, and operating systems.
• Expert knowledge of authentication, authorization, and credential management.
• Understanding of artificial intelligence, machine learning, LLM, data science and Robotic Process Automation (RPA) tools.
• Deep technical problem solving and data analytical skills.

Nice To Haves

• Professional Audit or Information Security certifications preferred (CIA, CPA, CISA, CISSP, SANS GIAC, etc.).
• Cloud computing (AWS) related advanced-level certifications preferred (AWS Solutions Architect/ AWS Security Specialty).
• Knowledge of financial services and/or relevant technologies supporting financial services operations (e.g. brokerage, regulatory transfer agency, financial statements etc.) preferred.
• Preferred hands-on skills with various Programming/Scripting Languages (Python, PowerShell, Java, etc.), audit testing tools, and automation.

Responsibilities

• Lead the planning and execution of multiple concurrent IT audits, including reviews of cyber security, existing production applications, systems currently being developed, technology infrastructure and specialized or emerging technologies.
• Work with middle to senior management within a business or function to facilitate the identification and resolution of complex risks (both business and technological) and to provide advice to management regarding mitigation of these risks.
• Lead the assessment the controls over application processes, physical and logical security; systems acquisition and development; system and network infrastructure; system architecture; computer operations; and production support.
• Engage with the squad to offer feedback on work-in-progress, clarify requirements and answer questions, while motivating and influencing squad, and being a voice for its members
• Develop data analysis and apply innovative automated tools to provide management with proper context of potential exposure and loss of business due to control weaknesses.
• Develop an ongoing 'trusted advisor' relationship with audit clients and Internal Audit business unit colleagues to ensure timely and consistent advice.
• Travel (10% annually) to perform audits, and to attend training or corporate events.