The position requires a driven and self-motivated individual with experience in IT external audit support for SOX, and SOC reporting with an emphasis on Information Technology General Controls (ITGCs) and application automated controls
- Participates in planning and scoping of IT controls both ITGC and automated application controls.
- Leads technology walkthroughs for IT general controls and application controls and prepares relevant documentation
- Executes testing of IT general controls and application controls based on internal and industry standards and guidelines.
- Reviews and assesses impact from issues raised by various partners, both internal and external.
- Based on guidance of IT Audit Manager, distributes work to teams in multiple geographical locations while maintaining ultimate ownership of the final work product.
- Problem solves and steps in to complete work to meet critical deadlines. Conducts root cause analysis, compensating and mitigating controls, and impact analysis.
- 2- 5 years of experience in IT risk and controls space.
- Bachelor's Degree in computer science and or technology management preferred;
- Combined experience in IT external audit, IT internal audit, and Technology Risk and / or ITGC assessment for compliance with SOX.
- Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) required.
- Professional services experience and large banking experience desired.
- You have experience in collaborating with business process teams and appreciative understanding of front, middle and back office processes.
- You have designed and executed testing for ITGCs. Key focus on Access Management (with related experience in Privileged Access Management and Identity and Access Management), and Change Management (with related experience in Agile and DevOps methodologies, and Change Management Preventive/Detective Controls)
- You possess a deep understanding and experience evaluating and testing automated application controls with related experience and understanding of banking products, business processes and key regulatory changes.
- You work well on large teams across multiple geographical locations and possess the ability to multi-task to ensure timely completion.
- You are comfortable interacting with Internal and external auditors across different levels of seniority.
- Experience working with both applications and infrastructure supporting financial reporting processes.
- You have prior experience reviewing and evaluating SOC reports and service provided by third party vendors.
- You are a strong presenter with a good working knowledge of Microsoft Office applications.