Role Overview:
We are seeking a Manager – IT Assurance & Audit to lead and oversee IT audit engagements, ensuring the effective management of IT risks and controls within the organization. This role involves conducting audits and evaluating IT governance, security controls, and compliance with regulatory requirements.
Key Responsibilities:
1. IT Audit & Assurance:
- Plan, execute, and lead IT audit engagements, including audits of IT general controls (ITGC), application controls, cybersecurity, and data privacy.
- Assess the effectiveness of internal controls, risk management processes, and governance structures.
- Identify control weaknesses and recommend corrective actions to mitigate risks.
2. Risk Assessment & Compliance:
- Perform IT risk assessments to identify vulnerabilities and potential threats to the organization's IT infrastructure.
- Ensure compliance with industry standards such as ISO 27001, SOX, COBIT, NIST, and other regulatory frameworks.
- Support the development of IT risk management frameworks and policies.
3. Leadership & Stakeholder Management:
- Manage a team of junior auditors, providing guidance, coaching, and performance feedback.
- Collaborate with internal stakeholders, including IT, finance, and compliance teams, to address audit findings and recommendations.
- Communicate audit results effectively to senior management and stakeholders.
4. Technology & Cybersecurity Audits:
- Conduct audits related to cybersecurity, data privacy, cloud security, and emerging technologies.
- Evaluate security frameworks, access controls, disaster recovery plans, and incident response protocols.
5. Continuous Improvement & Reporting:
- Develop audit plans, schedules, and reports to ensure timely and accurate reporting.
- Recommend process improvements and efficiencies to enhance the audit function.
Desired Qualifications:
- Education: Bachelor's/Master's degree in Information Technology, Computer Science, or related fields.
- Certifications:
  - CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CIA (Certified Internal Auditor) preferred.
  - ISO 27001, COBIT, or other cybersecurity certifications are a plus.
- Experience:
  - 6-8 years of experience in IT audit, IT risk management, or IT governance.
  - Strong background in auditing IT systems, applications, networks, and security controls.
Skills & Competencies:
- Strong analytical and problem-solving skills with attention to detail.
- Excellent communication and interpersonal skills for stakeholder engagement.
- Proficiency in audit tools, cybersecurity frameworks, and IT risk management software.
- Ability to lead audits independently, manage multiple projects, and meet deadlines.
- Knowledge of regulatory requirements such as GDPR, HIPAA, and PCI-DSS.