Senior Audit Manager (FVP)

About The Position

Requirements

• Bachelor’s degree in Accounting, Finance, Information Systems, Computer Science, or a related field.
• Minimum of 8–10 years of progressive internal audit, IT audit, information security, or risk management experience within a regulated financial services environment.
• Demonstrated experience leading complex IT and information security audits and supervising audit staff.
• Strong understanding of IT general controls, cybersecurity, cloud environments, data governance, third-party risk, and SDLC controls.
• Working knowledge of banking regulations and technology-related regulatory expectations (e.g., FFIEC, OCC, FDIC guidance).
• Understanding of COSO internal control framework and its application to technology-enabled processes.
• Experience using audit management systems, data analytics, or automated auditing techniques.
• Excellent analytical, organizational, and project management skills.
• Strong written and verbal communication skills, with the ability to translate complex technical issues for senior management and the Audit Committee.

Nice To Haves

• Professional certification such as CISA strongly preferred; CIA or CPA a plus.

Responsibilities

• Lead and supervise internal audits and targeted reviews with a primary emphasis on Information Technology, Information Security, cybersecurity, technology governance, third-party risk management, data protection, and system development life cycle controls.
• Serve as the Internal Audit subject matter expert for IT and Information Security, including identifying emerging technology and cyber risks relevant to the Bank.
• Plan and execute audits across multiple business lines, including IT, Commercial Banking, Risk Management, and Bank Operations, ensuring appropriate integration of technology risks into all audits.
• Develop audit scopes, perform risk assessments, oversee testing, validate issues, and ensure appropriate coverage of IT-dependent controls.
• Identify control deficiencies, assess root causes and impact, and recommend practical, risk-based remediation strategies.
• Review and approve audit workpapers to ensure accuracy, completeness, and adherence to Internal Audit standards.
• Prepare, review, and edit audit reports to clearly communicate technology, information security, and business risks from a senior management and Audit Committee perspective.
• Evaluate management action plans and monitor the remediation of IT, information security, and business audit issues.
• Coordinate audit activities with internal stakeholders, regulators, and external or co-source auditors, particularly for targeted technology and cybersecurity reviews.
• Support enterprise risk assessment, SOX, and regulatory examination activities where technology or data risks are present.
• Provide coaching, technical guidance, and performance feedback to audit staff and managers.
• Stay current on regulatory guidance, industry standards, and emerging risks related to IT and information security, including FFIEC, NIST, and cybersecurity frameworks.
• Assist the DCAO with departmental initiatives, strategic projects, and regulatory or Board-level requests as assigned.

Benefits

• Pay Transparency Statement