Senior Manager of IT Audit

About The Position

Requirements

• Bachelor’s Degree in MIS/AIS, Cybersecurity, Computer Science, or Accounting
• CISA, CISSP, CGEIT, CPA, CIA, etc., or equivalent
• Proven leadership experience that emphasizes knowledge of IT Risk Management, Finding and Remediation Management, IT Audits, and Data Privacy/Security assessments
• 10 + years of IT Audit, Information Security, or Technology Risk experience, including progressive leadership and people-oversight responsibilities
• Strong knowledge of professional standards (U.S. GAAP, GAAS, SOX 404, COSO, AS5 and the Professional Practices Framework of the IIA)
• Familiarity and understanding of major professional audit frameworks and standards (NIST, ISO 27001, ITIL, COBIT, PCI-DSS, etc.)
• Strong understanding of internal controls, operational processes, and risk management principles
• Experience in performing product security assessments in the areas of authentication/authorization and privileged access control
• Strong project management skills with the ability to effectively prioritize and manage multiple audits concurrently
• Strong verbal and written communication skills, to effectively present to peers and management, including report positioning and clarity.
• Ability to discuss complex issues with any level of management and influence perspectives
• Demonstrated ability to lead, coach, and develop audit professionals while maintaining high standards of audit quality and professional judgment
• Strategic thinker with advanced analytical and problem-solving skills
• Ability to understand business processes to identify control deficiencies, process issues, and business problems and recommend potential solutions
• Maintain a current knowledge base of IT audit industry practices to ensure best practices are always considered
• Ensure all assigned audit duties in manner that reflects the highest professional standards and complies with the guidelines of the Institute of Internal Auditors (IIA)
• Proficiency in using audit software, data analysis tools, and MS Office applications
• Excellent organizational skills and understanding of methods for streamlining and automating repetitive functions
• Initiative in pursuing appropriate, timely and effective solutions to complex issues
• Ability to respond to time sensitive issues with quick turnaround

Nice To Haves

• Preferably comes from multinational corporate environment and/or Big 4
• Experience in auditing at a global company with international locations is preferred
• Experience managing or overseeing external auditors, consultants, or co‑sourced audit providers
• Renewable energy industry experience is preferred
• Energy Trading exposure is preferred
• NERC/FERC IT auditing experience is preferred

Responsibilities

• Responsible for the development and execution of a flexible, IT risk-based annual audit plan and performing IT internal control testing. Additionally, maintaining a current IT audit universe
• Responsible for managing the enterprise IT risk assessments, apply critical thinking and analysis, and assist in communicating risks to internal stakeholders globally
• Lead the research of IT issues and trends, formulate recommendations and solutions to support conclusions, and provide practical advice for corrective action, innovation, and continuous process improvements. Present findings and recommendations to stakeholders and leadership teams. Secure management action plans for remediation and monitor remediation progress and timeliness
• Lead the evaluation of new IT processes, policies and systems that improve organization efficiency and effectiveness and enhance IT risk mitigation activities
• Provide day‑to‑day oversight and quality review of IT audit work performed by internal team members and co‑sourced specialists
• Cross-collaborate and communicate within the department to execute integrated audits and advisory engagements across end‑to‑end processes
• Oversee, coach and mentor audit staff on SDLC controls, ITGCs, automated controls, and key reports, including testing methodology and evidence standards
• Oversee third‑party and specialist engagements, including scope definition, execution oversight, and budget management
• Develop productive business partner relationships and proactively interact with key management personnel at all levels to gather information, resolve problems, and make recommendations for business process improvements
• Responsible for executing internal audit team wide IT training on topics of need
• Seamlessly liaise with external auditors in connection with IT process and controls discussions
• Invest in understanding Pattern’s business and the renewable energy industry to better identify areas of need and opportunities to advise
• Lead ad-hoc programs and initiatives to provide advisory insights
• Responsible for materiality/scoping over IT internal controls
• Responsible for ensuring IT audits and related third-party engagements are performed within budget

Benefits

• medical
• dental
• vision
• short and long-term disability
• life insurance
• voluntary benefits
• family care benefits
• employee assistance program
• paid time off and bonding leave
• paid holidays
• 401(k)/RRSP retirement savings plan with employer contribution
• employee referral bonuses