IT Infrastructure Audit Associate

Sumitomo Mitsui Banking Corporation•Charlotte, NC

8d•Hybrid

About The Position

SMBC is seeking an experienced IT Infrastructure Audit professional with a minimum of 3-5 years’ experience in the banking and finance/technology industry to conduct audit coverage for the firms IT infrastructure, Americas Division. Coverage includes key IT infrastructure including operating systems, databases, virtualization, middleware, unified communications, web application infrastructure, IT Governance, Change Management, Remote Access, Incident and Problem Management, Cloud, and more. Reporting to IT Infrastructure Team Head, the Audit professional will be responsible for (i) conducting regular IT application audits, ensuring work is performed in accordance with IIA standards and Internal Audit Department (IAD) policies and procedures, and (ii) supporting the issue validation activities, and (iii) partnering with other members and (iv) supporting the IT Infrastructure Team Head in the execution of their duties. In addition, they will (i) support IAD Management team in helping to identify areas of coverage for planning, development, implementation, and maintenance of an internal audit program covering technology related areas across the Americas Division and (ii) conduct regular continuous monitoring activities covering IT infrastructure and technology related risks and related processes and controls within a prescribed timeframe.

Requirements

Minimum of 3-5 years of IT Application/Infrastructure/Cybersecurity audit experience in the banking and/or technology industry.
Knowledge of IT Infrastructure related risks and controls (i.e. General Controls, Platform Controls, Virtualization, Cloud, AI/Machine Learning, etc…)
Knowledge of industry relevant standards (i.e. NIST, CRI, etc...) and related regulatory expectations (i.e. NYS DFS 500, FFIEC, etc…)
Knowledge of audit techniques, risk and internal controls assessment, and workpaper standards.
Strong strategic thinking skills including the ability to identify and assess technology related risks.
Ability to act as trusted advisor to technology management using discretion and sound judgment in identifying, analyzing, and reporting problems.
Excellent communication (both verbal and written), presentation and professional skills including the ability to interact effectively at all levels within the organization.
Bachelor’s Degree in Information Technology, Finance, or related field.

Nice To Haves

Advanced degree a plus.

Responsibilities

Conduct regular audits of IT infrastructure related areas assessing adherence to firm and regulatory requirements and assessing design, operating effectiveness and sustainability of associated controls.
Help to create audit issues and reports that clearly articulate results and conclusions for review with senior audit management and auditees.
Challenge the ongoing coverage of IT infrastructure work and present ideas for improvement.
Facilitate risk issue tracking to promote timely remediation.
Perform issue assurance work for audit, regulatory, and self-identified to confirm closure or recommend additional actions.
Work collaboratively with colleagues and auditees to identify risk concerns and agree reasonable solutions.
Forge strong partnerships with colleagues in other IT application and control functions including legal, compliance, data security and risk management to promote front-to-back collaboration across risk assessment and findings remediation.
Partner with audit colleagues in other business verticals and/or geographies to share best practices and drive greater consistency. Seek out opportunities to engage with stakeholders outside of formal audit periods to drive deeper relationships.
Conduct regular Continuous Monitoring activities and auditable entity updates.