|Position||00314 AVP Internal Audit Specialist for IT|
|City, State||Franklin Hybrid Schedule,NJ|
|Contact Name||Steve Silvi|
|Description||The AVP- Internal Audit Specialist for Information Technology is primarily responsible for performing information technology (IT) audit activities across the bank, conducting Sarbanes-Oxley testing, process reviews and various ad hoc projects assigned to them.|
The individual will evaluate IT controls over infrastructure, network, applications and databases.
This position requires an individual that is well acquainted with IT Corporate Governance and internal control assessment methodology.
Strong verbal and written communication skills are a must, as are professional interpersonal skills.
This position assists in the performance of internal audit examination ensuring timely and professional execution of the examination in accordance with professional standards.
Assist in the completion of internal audit engagements and validation procedures in accordance with the department’s audit methodology and professional standards.
Evaluate Information Technology General Controls including logical access, program change and other general controls including but not limited to backups, job scheduling, IT maintenance procedures, and physical security.
Evaluate application controls including configurable system parameters and switches, segregation of duties within applications and end user computing utilizing tools such as Access, Structured Query Language and other end user reports and query tools
Prepare work papers and clearly document audit evidence including process documentation control identification and assessment, flow charts, and test work in accordance with the Internal Audit documentation requirements.
Assist in the development of the audit planning memorandum, audit programs, and testing approach.
Assist in the writing of potential issues in the event exceptions are identified, taking into consideration the root cause of the issue and provide recommendations that will improve operations.
Organize and complete work within established budget and timeframes under the direction from the Audit Manager.
Proactively communicate with the audit team as well as clients in a professional manner.
Develop professional relationships with client contacts.
Perform additional special projects (investigations, risk assessments, etc.) or any other duties as required or assigned.
Uphold and promote the IIA’s Code of Ethics.
|Requirements||Bachelor’s degree in Computer Science, Management Information System, Accounting, Business Administration, Finance or Information Technology, or other business-related discipline.|
Five years of professional experience in information technology, cybersecurity, or information technology audits.
Strong critical thinking skills, including the ability to assimilate new information, make sound decisions and manage multiple tasks.
Strong written, verbal, and interpersonal communications skills.
Ability to plan ahead and multi-task.
Team player with a positive “can do” attitude, willingness to learn new concepts in a fast paced environment, be a self-starter, and accept responsibility to meet deadlines.
Proficiency in Microsoft Word, Excel and PowerPoint at the intermediate level or higher.
Master’s degree in Accounting, Business Administration, Finance, Computer Science, Management Information or Economics or related discipline.
Achievement of one or more of the following certifications: Certified Information Systems Auditor (CISA); Certified Information System Security Professional (CISSP); Certification Information Security Manager (CISM); Certified in Risk and Information Systems Controls (CRISC); Certified Internal Auditor (CIA); and Certified Public Accountant (CPA), etc.).
Seven years of professional experience performing IT audits.
Experience in financial service industry.
Knowledge of technology and information security risk management principles and relevant standards like COSO/COBIT framework, NIST, ITIL and Cybersecurity Framework.
Knowledge and experience with Sarbanes-Oxley (SOX) IT General Controls, including logical/physical security, network and application security, change management, and computer operations.
Experience with IT SOX control testing.
Solid understanding of IIA Standards, GAIT, COBIT, ITIL, NIST, GAAP, Sarbanes Oxley Act, COSO and PCAOB Rules.