IT Internal Audit Manager

Position Summary: The position will be responsible for leading, managing and executing Information Technology ("IT") audits of critical systems, infrastructure, and emerging technology domains, including cloud computing, cybersecurity, and third-party risk in compliance with Company policies, the Internal Audit Charter and the IIA's International Professional Practices Framework. The position will be responsible for the planning, execution and reporting of risk-based audits and internal controls compliance. The position reports directly to the Staff Vice President, Internal Audit and indirectly to the Senior Audit Manager.

Values and Behavioral Standards: To ensure the effective communication and application of company values and behavioral standards, as stated in our company "Code of Conduct" policy, and to respond appropriately in the event of any known departure.

Major Job Accountabilities:

INTERNAL AUDIT

• Lead the execution of IT and operational internal audit activities including risk assessments, scoping, planning, fieldwork, testing, and reporting.
• Perform reviews associated with system development standards, operating procedures, system access security, program change management, backup and disaster recovery, cybersecurity assessment, vendor IT resiliency, patch management, cloud security assessment, network reviews, etc.
• Constructively work with Business Unit leadership and Internal Audit teams to identify improvement areas, agree upon appropriate corrective actions, facilitate remediation efforts, and monitor progress to ensure that the Company is responding timely to address deficiencies that jeopardize the achievement of its objectives.
• Guide the development and implementation of data analytical audit techniques.
• Encourage the sharing of data analytics best practices throughout the organization and its various locations.
• Provide briefs to, and lead discussion with, local management on all audit issues during the closing meeting.
• Prepare an audit report draft to share with local management. Work with local management to coordinate agreement on all reportable issues, action plans and timing of remediation.
• Oversee the maintenance of a comprehensive departmental policies and procedures manual while ensuring ongoing compliance with the IIA's International Professional Practices Framework.
• Work with Internal Audit management to develop, sustain, and continuously enhance the brand and perceived value of the Department within the Company.
• Interact with senior levels of management (CIO, CFO, Controller, etc.) to communicate audit risks, issues and related corrective actions.
• Assist in the development and lead the execution of a comprehensive risk-based audit plan that evaluates the Company's risk management, internal control, and governance processes.
• Lead the annual IT risk assessment and ranking of the information technology environment.
• Assist the Staff Vice President, Internal Audit with the collection and coordination of information and materials for presentation to the audit committee.
• Supervise and assist in the development of other members of the internal audit group.
• Support multiple projects simultaneously and effectively manage timelines to deliver high-quality work products efficiently and effectively with limited supervision.
• Exhibit strong project management skills with the ability to hold self and others accountable to deadlines.

INTERNAL CONTROLS OVER FINANCIAL REPORTING/SARBANES-OXLEY COMPLIANCE

• Perform activities related to internal controls compliance including risk assessment, control design and test of operating effectiveness of IT General Controls and other controls over financial reporting.
• Lead effort to assist key executives in documenting both existing and newly created policies and procedures using established Company standards.
• Lead the execution of appropriate testing strategies and plans to enable management to assess the operating effectiveness of IT general and other controls over financial reporting.
• Constructively work with management to identify areas for improvement, collectively agree upon appropriate corrective actions, facilitate remediation efforts, and monitor progress to ensure that the Company is timely addressing and remediating significant deficiencies and/or material weaknesses.
• Ensure effective coordination with the external auditors to ensure they can place optimal reliance on Internal Audit's IT compliance-related work and facilitate the sharing of process and testing documentation.
• Ensure the seamless integration of the efforts of internal audit and internal control compliance activities to maximize the resources of the Departmental team.

Qualifications:

• Bachelor's degree in Computer Science, Information Systems or Accounting.
• CISA, CISSP, CIA or CPA required.
• 5+ years' experience auditing information systems including planning, execution and documentation
• IT Risk management and project management experience.
• Higher level knowledge ofIT security and application development. Strong expertise in one or more of the following areas of technology: Infrastructure (e.g. servers, storage, O/S), Network, Information Security, Third-Party IT Risk Management, Application/Database Architecture, Cloud Technology (e.g., AWS, Azure)
• Experience reviewing System and Organization Controls (SOC) Reports.
• Experience building data analytic procedures and implementing routines on audits.
• Excellent oral and written communication and presentation skills, strong analytical skills, ability to maintain composure under pressure, and a proactive approach to problem-solving and the overall execution of job responsibilities are all essential qualities necessary to be successful in this position.
• Strong familiarity with Control Objectives for Information and Related Technology ("COBIT")/National Institute of Standards and Technology ("NIST") framework and other professional auditing standards.
• Demonstrated knowledge of SOX/Internal Controls compliance frameworks (e.g., COSO).
• Strong organizational and leadership skills with the ability to develop talented individuals.
• Strong time management skills and strong attention to detail.
• Ability to inspire a strong spirit of cooperation among the management team and Internal Audit staff while embracing the Department's philosophy of continuous improvement and disciplined process execution.
• Ability to provide sound business judgment and strategic thinking to enable the Company to create and sustain a "world class" internal control and risk assurance environment.

Skills:

• Proficiency with MS Word to develop impactful audit reports.
• Proficiency with MS PowerPoint to create executive-level presentations.
• Proficiency with advanced MS Excel skills to perform data analysis.
• Proficiency in data analytical audit techniques (e.g., use of Tableau, PowerBI, Python).
• Drive adoption of AI/automation in testing by identifying opportunities to leverage analytics, scripts, or AI-based tools to streamline control testing, risk assessments, and documentation.

Other Requirements:

• Ability to travel approximately 5 - 10% is required.
• Ability to work overtime as required.