Driving continuous improvement is what we are all about and you will support our efforts through providing objective evaluations of our technology and cybersecurity processes to make us better. You’ll gain exposure to the diverse aspects of our business through collaborating with different business leaders related to our technology and cybersecurity controls, processes, and systems. The work you perform is critical to reducing risk and providing solutions that protect our company, our employees and our shareholders.

As a Technology/Cybersecurity Internal Audit Senior Manager, you will play a critical role in executing and managing audit projects, coaching staff, conducting training, assisting daily assignments, overseeing and incorporating industry expertise and knowledge into internal audit control frameworks, improving testing methodology, ensuring consistency in evidence standards, developing tools and testing environments, and promoting cybersecurity and software engineering skills within the team.

• Oversees end to end process of complex Technology/Cybersecurity Audits ensuring we execute on our audit commitments, compliance to our methodology, development and growth of junior staff members, quality review of audit work papers, observations are properly vetted, and communicate audits results to executive management.

• Using problem solving and critical thinking skills to identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise management. Assist in the execution of the necessary corrective recommendations for deficiencies identified to ensure successful remediation.

• Communicating challenges and roadblocks that impact ability to meet audit commitments with senior manager, directors and business leadership.

• Participating in departmental administrative responsibilities and driving completion of selected departmental goals, such as: staff recruiting; preparation of Audit Committee Materials; Data analytics, trend reports, etc.

• Growing your knowledge and experience while working with a variety of emerging technology environments, platforms, applications and tools/utilities.

What we’re looking for...

You’re a great teammate who enjoys collaborating with various partners to achieve winning outcomes. You understand the importance of keeping the lines of communication across all levels to earn trust. You listen carefully with an intent to understand. You like digging into the details and coming up with recommendations that will have a huge impact.

You’ll need to have:

• Bachelor’s degree and six or more years of experience in Information Technology (IT), Auditing, Security & Privacy Services, Business Process Controls, IT Risk Management, SOX Advisory, or other related work.

• Must be able to lead discussions with technical teams and business stakeholders and have the ability to learn new technology concepts on demand.

• A deep understanding of operational audit processes in accordance with the International Standards for the Professional Practice of Internal Auditing (IIA Standards).

• Solid comprehension of information technology general and advanced controls, key industry standard frameworks, and cybersecurity protocols.

• Proficiency in basic data queries and executive summary data visualizations using tools like SQL, Google Data Studio, Tableau, Alteryx, Qlik, etc.

• Strong knowledge of networks, operating systems, servers, personal computers, system development, client/server architecture

• Excellent written and verbal communication skills to be able to summarize audit results and participate in communicating audit findings to the appropriate level of management.

• Have strong project management skills to manage and conduct audits with minimal supervision from beginning to end, also to often manage multiple audits at once.

• Willingness and travel up to approximately 25% of the time.

Even better if you have one or more of the following:

• A degree in Accounting, Computer Science, Engineering, Information Systems, or other relevant field.

• Professional certifications include Certified Information System Auditor (CISA), Cybersecurity Practitioner Certification (CSX-P), Certified Information Systems Security Professional (CISSP), Certified Internal Audit (CIA), or Certified Public Accountant (CPA).

• Risk Management experience (performing assessments, designing controls, managing enterprise control frameworks).

• Knowledgeable across a wide spectrum of frameworks and standards such as NIST Cyber Security Framework, COBIT, ISO 27001/27002, and CIS Security Controls.

• In depth knowledge of network and system security and practices across all major-computing areas (cloud, client/server, PC/LAN, VPN, DevOps) and Internet related technology.

• Prior work experience in a Public Accounting environment specializing in technology-based audits and cybersecurity.

• Prior work experience in first, second, or third line of defense organizations focused on cybersecurity.