Job Description

What will your essential responsibilities include?

• Leads all aspects of planning, execution and reporting of IT and security related audits.
• Ensures all work is completed in accordance with professional standards.
• Assists in the development of a group-wide risk based audit plan.
• Effectively communicates with IA Directors and CAE.
• Oversees the effective completion of audit planning and risk assessment phase for specifically assigned complex areas or entire audits, inclusive of process narratives, flowcharts, audit programs, and issue drafts.
• Effectively assesses operational controls and determines overall impact on financial results.
• Oversees the effective execution and documentation of testing associated with the field work phase of the audit, including ensuring that audit program steps are adequately satisfied, appropriate conclusions reached and issues documented.
• Provides for appropriate reviews of outputs prepared by other assigned team members to ensure quality of audit outputs.
• Performs and/or ensures that all relevant audit work papers/outputs are appropriately reviewed (by self and other supervisors), approved and filed as part of completing assignment.
• Conducts first-level review of audit work to ensure departmental standards are met.
• Appropriately structures and writes major sections of audit reports and other outputs intended for audit customers.
• Demonstrates ability to use standard Internal Audit techniques for information gathering and risk assessment, fieldwork and issues reporting.
• Supervisory responsibility for review/project teams, including mentoring and coaching assigned staff, where directed by audit manager.
• Supports data analytics initiatives in the department and business auditors use during audits.
• Adheres to divisional and other relevant external, professional auditing standards (e.g. IIA professional standards).
• Participates in major business initiatives and proactively advises and assists the business on change initiatives, as assigned by senior audit management.
• Performs ad hoc audit projects, as assigned by senior audit management, responding to emerging risks and management requests.
• Performs action tracking follow-up with management for Audit Committee/Board reporting purposes.

You will report to the Senior IT Program Manager.

SHARE your talent

SHARE your talent

We’re looking for someone who has these abilities and skills:

• CISA required; security related designations (e.g. CISSP, CSX) preferred.
• BA/BS/BSc (or equivalent) in Information Systems, Computer Science, Accounting, Auditing, Business (or similar field) desirable.
• Substantial internal and/or external IT/security audit experience preferred, 3-5 years.
• Demonstrated leadership in managing people and projects and ability to develop and maintain relationships with personnel on all levels.
• Proven track record within internal/external audit environment evidencing strong performance in conducting high quality IT/security audit work, findings and reports.
• Experience with effective interaction with members of senior management.
• Experience executing technical IT and security related audits of networks, applications, data centers, etc.
• Experience assessing and auditing cyber security risks.
• Knowledge of key IT/security risk frameworks (e.g. NIST, ISO, CSC, COBIT).
• Experience utilizing data analytics tools (e.g. ACL/Galvanize, Tableau, etc.)
• Knowledge of insurance/reinsurance industries, including corporate investment and corporate finance areas.
• Familiar with risk-based and business process focused audit approach.
• Strong computer skills with experience in system-based audits would be an advantage.
• Strong written and oral communication skills.
• Ability to travel 25% of the time—or appropriate percentage.

Required Knowledge, Skills, and Abilities