VP, IT Internal Audit Manager

Capital Bank Career•Rockville, MD

2d•Hybrid

About The Position

Capital Bank is seeking an experienced IT Audit leader for our IT Internal Audit Manager role. This position will assist the SVP, IA Director to plan, manage, and maintain the Information Technology Internal Audit (IT IA) function for Capital Bank. More specifically, the VP, IT IA Manager will be responsible for performing and overseeing the IT audits of the bank, including IT infrastructure and operations, data privacy, cybersecurity reviews and the governance of emerging technologies such as Artificial Intelligence (AI). The position will execute and manage IT risk assessments, IT SOX compliance, and technical audits, while providing expertise to other internal auditors or third-party outsourced IA firms. The VP, IT IA Manager is expected to add value to the Bank by developing and executing audit programs based on technological risk, complexity, regulatory expectations (FFIEC, NIST), and the strategic technology roadmap of the Bank. The VP, IT IA Manager will report findings, conclusions, and technical remediation strategies to management and the Audit Committee.

Requirements

Education: Bachelor’s degree required in Computer Science, Information Systems, Cybersecurity, or a related field.
Certifications: Certified in one or more of the following is required: Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM)
Experience: Minimum 7+ years of IT audit or cybersecurity experience in the banking sector, financial institutions, or public accounting/consulting.
Technical Knowledge and Skills Regulatory Knowledge : Familiarity with banking and IT regulations is required, including FFIEC IT Examination Handbook, GLBA, NIST Cybersecurity Framework, and SOX.
Data Proficiency: Understanding of data lifecycle management, and data governance principles.
Analytical Skills: Strong analytical skills to review system logs, configurations, and data sets to interpret results and communicate technical concepts to non-technical audiences.
Soft Skills: Strong attention to detail, flexibility to work on multiple projects and meet deadlines.
Communication: Good skills in conducting audit interviews, communicating in an objective manner and presenting results in a relatable and effective manner.
Problem Solving: Strong analytical, and problem-solving skills regarding IT and security environment.
Software Skills: Skilled in working with GRC and audit tools, databases, presentation software, and spreadsheet software.
Ability to travel within a defined market area.

Nice To Haves

Master’s degree in Information Systems, Cybersecurity, or MBA.
Certified Internal Auditor (CIA) or CPA.
Experience auditing Cloud environments (AWS, Azure) is highly desired.
Knowledge of or experience in auditing AI models and governance frameworks.
Experience using audit software and data analytics tools (ACL, IDEA, Python, SQL).

Responsibilities

Risk Assessment & Planning: Utilize a risk-based approach to assist in the development, monitoring, and maintenance of the IT Audit risk assessment and IT Audit plan, specifically focusing on IT infrastructure, IT operations, cybersecurity, data privacy, and AI governance.
Audit Execution: Lead or manage IT audits either working solo, as part of a team, or overseeing a third-party IT audit partner.
Technical Auditing: Conduct audits of the bank’s IT General Controls (ITGCs), application controls, network security, and disaster recovery programs in accordance with FFIEC guidelines, NIST frameworks, and internal policies.
SOX Compliance: Assist or lead in walkthroughs, interim, and roll-forward testing of IT SOX controls (Logical Access, Change Management, IT Operations) and coordinate with external auditors.
Vendor Risk: Assist in audits of critical third-party technology service providers to ensure security standards are met.
AI & Emerging Tech: Evaluate the design and operating effectiveness of controls surrounding Artificial Intelligence, ensuring alignment with guidelines, data integrity standards, and model risk management regulations.
Reporting: Develop technical work papers and internal audit reports that translate complex technical issues into business risks for the Audit Committee and Executive Management.
Project Management: Meet or exceed targeted hours for audits, monitor progress, and report delays to the SVP Internal Audit Director.
Issue Tracking: Carefully evaluate risks or gaps of controls in IT environments, make recommendations to Management, and validate the completion of corrective actions (remediation testing).
Consulting: Consult with IT management on issues, implementation of system changes, or new digital initiatives (e.g., AI integration, cloud migration) where audit independence is not impacted.
Professional Development: Remain current with certifications, training, and changes in regulations, cybersecurity emerging threats, and IT and Security frameworks (e.g., NIST, Cobit etc.)

Benefits

Comprehensive benefits package including Medical, Dental, Vision, Company Paid Life Insurance, Disability Insurance, and more?
Company Contributions to your 401k - Regardless of your contribution
Employee Perks: Paid Parental Leave, Employee Recognition Program, Leadership Program, Tuition Reimbursement Program, Employee Bank Checking Account, and much more!
Generous Paid Time Off and Paid Holidays - Including Paid Charity Hours to support volunteer opportunities

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume