Audit & Control
Qualified Professional - Experienced
Work from Office
Any Post Graduation
- Responsible for effectively planning and executing comprehensive audits and advisory engagements assessing technology and information security related areas under the direction of Internal Audit Management. These activities include:
- Obtaining an understanding and evaluating processes and technologies.
- Facilitate walkthroughs with control owners and key Technology leads.
- Collaborating with leadership and colleagues to assess the design and effectiveness of processes using traditional and innovative techniques.
- Conducting audit testing and analysis and completing documentation of high quality in accordance with departmental standards.
- Collaborating with the Internal Audit Data Analytics team to design, develop, and consume moderately complex data analysis.
- Documenting and reporting process weaknesses or inefficiencies.
- Conducting entry/exit meetings with business area management.
- Drafting and finalizing results and reports targeted to senior management and corporate directors.
- Performing follow-up on previously identified findings and management’s action plans.
- Automating testing using desktop automation, data analytics, or robotic process automation techniques.
- Completing tasks within the allotted timeframes.
- Embrace a culture of agility, innovation, and continuous improvement within the Internal Audit function.
- Bachelor’s degree in Information Systems, Computer Science, Engineering, or Finance preferred. Other business or technology related degrees considered depending upon relevant experience.
- Auditing, technology, or security coursework, a plus.
Licenses, Certifications, Registrations (if applicable):
- Professional auditing, security, or technology designation (e.g., CISA, CISSP, CCSP, AWS Cloud Practitioner, etc.) or actively pursuing the completion of such designation preferred.
- Minimum 2-5 years of experience in technology audit, consulting, or information security roles; with excellent knowledge of general controls and Sarbanes Oxley requirements; previous experience in technology, data analysis, consulting, and/or technology compliance roles would also be considered.
- Previous experience in the asset management, securities and/or banking industries a plus.
- Equivalent relevant experience in the investment management industry may be substituted for direct audit experience.
- Experience auditing automated application controls, enterprise applications, information security and cyber security practices, and various technology platforms such as UNIX, Windows, SQL Server, and Oracle databases
- Experience conducting data analysis, visualization, or CAATs a plus.
- Critical thinking and problem-solving ability; effectively identify risks and unexpected patterns in complex situations, investigate issues, analyze root cause, and determine the appropriate course of action.
- Resilience in debating and discussing existing practices or contentious issues; confident in dealing with difficult situations and resolving conflicts and influencing with diplomacy while maintaining objectivity.
- Effectively communicate complex, technical concepts; actively listens and promotes mutual understanding; adjusts communication styles effectively to suit the needs of different audiences.
- Client service disposition; understands stakeholder needs and concerns and provides constructive feedback, sound advice, and potential solutions.
- Able to build and sustain effective working relationships with business partners and external peers.
- Result-oriented and comfortable as an individual contributor.
- Intellectually curious with constant desire to learn and share knowledge with others.
- Strong knowledge of leading practices around IT controls, such as the COBIT, NIST, or ISO27000 frameworks.
- Strong knowledge of technology and cybersecurity trends and tools.
- Strong analytical, project management, and administrative skills.
- Ability to work in a diverse, cross-functional and international environment.
- Adaptable and comfortable with changing environment.
- Self-starter and motivated must be able to work without frequent direct supervision.
- Demonstrates high professional ethics.
- Proficient with analytics software such as Tableau, Spotfire, Alteryx, ACL, IDEA, etc. a plus.
- Proficient with Microsoft Office (MS Word, Excel, Power point, Access etc.).