IT Audit Manager

Brightstar Lottery•RI Statewide, RI

1d•$60,989 - $200,500•Hybrid

About The Position

Brightstar is an innovative, forward-thinking global leader in lottery that builds on our renowned expertise in delivering secure technology and producing reliable, comprehensive solutions for our customers. As a premier pure play global lottery company, our best-in-class lottery operations, retail and digital solutions, and award-winning lottery games enable our customers to achieve their goals, fulfill player needs and distribute meaningful benefits to communities. Brightstar has a well-established local presence and is a trusted partner to governments and regulators around the world, creating value by adhering to the highest standards of service, integrity, and responsibility. Brightstar has approximately 6,000 employees. For more information, please visit www.brightstarlottery.com. Brightstar Lottery is seeking an IT Audit Manager to join our internal audit team in Providence, RI (hybrid). If you have a passion for understanding dynamic business processes supported by evolving IT systems, this role will offer a rare opportunity to dive into Brightstar’s Global Lottery products, solutions, and services. As a member of the internal audit team, you will lead and execute technology-focused audits with a strong emphasis on information security and IT risk management. You will be a contributor in making meaningful recommendations to technology and business partners to enhance processes, enabling them to achieve our objectives more efficiently, securely, and effectively. The ideal candidate is an experienced auditor and/or information security professional with an audit concentration to understand complex system architectures and operational processes, identify risks and the “what-could-go-wrong” (WCGWs), and evaluate controls to determine if they are appropriately designed and implemented to address these WCGWs. As an IT Audit Manager, you will play a critical role in evaluating the effectiveness of controls and procedures across our global operations. You should be comfortable interacting with a diverse group of technical and business teams, as you will be working closely with them to get a deep understanding of the systems, processes, and communicating findings and recommendations.

Requirements

6+ Years work experience in audit of cyber security controls, or information security with a strong audit focus, or a combination of both.
Candidate must have a strong understanding of IT risk, controls, and compliance.
Big 4 Experience strongly preferred.
Advanced knowledge of the current CIS 8.1 control framework is necessary, as well as a basic understanding of WLA SCS 2020, PCI DSS, and/or MUSL rules.
Knowledge of Common Program Frameworks NIST CSF 2.0, NIS2, and GDPR are also necessary.
3-5 years of project lead experience, involving defining the risk, scope, and objective of the engagement, conducting walkthroughs, executing control testing, reviewing workpapers as well as effectively communicating project status and results to upper management.
Excellent written and verbal communication skills, with all levels of the organization
Prior experience auditing or administering SAP systems (ECC, CRM, HANA, S/4)
Motivated self-starter with logical, yet creative mindset
Strong analytical and research skills
Developed negotiation skills or resolution of issues

Nice To Haves

Professional auditing certification such as IT certification from ISC² (CISSP, CCSP, SSCP) and/or ISACA (CISA, CGEIT, CRISC) is strongly preferred, although equivalent experience may substitute
Experience auditing or working with Microsoft Azure, Linux/UNIX, LDAP, and IBM DB2 database environments, as well as knowledge of Azure cloud computing security and/or background in risk assessment/analysis/management surrounding the use of Machine Learning and Large Language Models (“artificial intelligence”).
Experience working in or auditing decentralized, online processing environments
Experience performing operational audits in environments without established playbooks
Fast-paced tech company experience
PMP or similar project management certification
Experience with ACL data analytics toolset, BluePrism robotics automation platform, and/or implementation of continuous auditing programs

Responsibilities

Plan, conduct and/or lead complex IT audit engagements in areas of high risk to the Company, which may be global in nature, specifically evaluating processes in the areas of information security engineering, administration, and analysis.
Lead risk-based audits of the organization’s cybersecurity practices, including performing risk assessments, process reviews, advisory services, and product engineering security reviews with minimal oversight
Assess the Company’s internal policies and standards to determine compliance with leading Cybersecurity and Information Security frameworks, such as NIST CSF, as well as the effectiveness of safeguards based on common control frameworks (e.g. CIS Controls, NIST 800-53, ISO27K1, etc.) that have been implemented.
Provide value-added insights and recommendations contributing to audit reports that will help to improve the security posture and operational efficiency of our corporate and cloud environments, as well as our lottery product.
Prepare clear and concise reports and other communications for management based upon audit results.
Contribute to the development of the annual IT and Cyber Security audit plan based on enterprise risk.
Design, develop, and execute continuous audit and automation initiatives.
Involvement in analytical projects considering trends, deviations, or analyses for risk assessment.
Develop exceptional understanding of various business profiles within Brightstar Lottery.
Build successful relationships interacting with cross-functional teams.
Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.
Some domestic and international travel may be required.