Primary Responsibilities:
- ·Manage the IT & Cyber audit team, resources, and schedule, and ensure timely completion and quality of audit deliverables
- Develop and maintain a risk-based IT & Cyber audit plan that aligns with the organization's strategic objectives and complies with professional standards
- Lead and supervise technology focused audit engagements, including scoping, testing, reporting, and follow-up activities
- Evaluate the design and operating effectiveness of technology based controls, policies, and procedures, and identify areas for improvement and remediation
- Conduct audits of IT general controls, as well as controls over the development, deployment, and maintenance of our commercial software and SaaS products, also considering cybersecurity controls
- Assess and evaluate the effectiveness of cybersecurity measures, including the protection of sensitive data, network security, and incident response capabilities
- Communicate audit results and recommendations to senior management and the audit committee in a clear and concise manner
- Coordinate with external auditors and regulators on IT audit matters and provide support as needed
- Provide technical expertise and advice on IT & Cybersecurity risks, controls, and best practices to the audit team and the business units
- Monitor and report on the status of IT & Cyber audit issues and action plans
- Keep abreast of emerging IT & Cybersecurity trends, risks, and regulations, and update the IT audit methodology and tools accordingly
- Contribute to the continuous improvement of the internal audit function and foster a culture of collaboration and learning
Knowledge, skills, and Abilities:
- Strong knowledge of technical frameworks, standards, and best practices, such as COBIT, ITIL, ISO 27001, and NIST
- Proficient in IT audit tools and techniques, such as data analytics, automated testing, and audit software
- Excellent communication, presentation, and interpersonal skills, with the ability to influence and build rapport with senior management and stakeholders
- Highly analytical, critical, and problem-solving skills, with the ability to identify and evaluate IT risks and controls
- Strong project management, leadership, and coaching skills, with the ability to plan, execute, and supervise multiple internal audit engagements
- Self-motivated, adaptable, and proactive, with the ability to work independently and collaboratively in a dynamic and fast-paced environment
- High ethical standards, integrity, and professionalism, with the ability to maintain confidentiality and objectivity
- Experience managing, mentoring, training, and coaching a team of technology focused professionals
- Bachelor's degree in computer science, information systems, accounting, or related field
- Minimum of five (5) years of IT & Cyber audit experience, preferably in a large and complex organization
- Professional certification in IT auditing or Cybersecurity, such as CISA, CIA, CISSP, GSEC, Security+, or CISM
Physical Demands and Work Environment
Duties are generally performed in an office environment, with a high level of mobility required throughout the facility. Work while seated at a desk or a computer table may necessitate the use of a computer, telephone communication, and reading of printed materials.
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
The annual U.S. base pay range for this position is: $109,506.00 - $164,260.00