Evans Bank IT Audit and Controls Manager in United States
The IT Audit and Controls Manager will be responsible for leading or conducting reviews of IT control procedures, writing and updating existing controls and helping assure that IT performs its governance responsibilities. This individual is responsible for testing, documenting, evaluating, remediating, and improving internal IT controls for effectiveness and operational efficiency. The IT Audit & Controls Manager will fulfill these duties by collaborating with internal and external audit teams, IT management, corporate accountants, consultants, and other stakeholders to ensure compliance project deliverables are met.
Duties and Responsibilities
- Reviews IT controls, business processes, policies, procedures, and management reports for effectiveness and sustainability.
- Conducts IT risk assessments on business and operational processes, procedures, and policies.
- Communicates results of audit/exam projects via written reports and verbal presentations to the CIO
- Identifies, develops and documents audit issues and recommendations using independent judgment concerning areas being reviewed.
- Coordinates IT staff efforts to comply with internal audit, external audit, regulator examination, management review of IT Controls and overall controls environment
- Drafts new workflows, including impact statements on how revised processes shall be incorporated into daily tasks.
- Reviews, documents, evaluates, and tests manual and automated computer controls throughout the corporate IT environment, including server, application, middleware, and client-side.
- Develops and implements testing methodologies for application development, IT infrastructure, security, and availability.
- Designs and executes SarbOx compliance tests of operating effectiveness for IT systems and internal controls; coordinate required remediation.
- Interprets audit results and make conclusions on the adequacy and reliability of controls; prepare and present reports as necessary.
- Communicates control strengths and weaknesses to IT Management and internal audit; collaborate with internal audit to develop mitigation plans.
- Applies appropriate COBIT, COSO, ITIL, or ISO 17799 frameworks to all documentation and remediation efforts.
- Designs and performs reengineering of processes and procedures in need of remediation.
- Conducts gap analysis via testing and recommend specific actions to fix gaps in processes and/or process management.
- Designs enhancement for internal controls such as segregation of duties, production change management, software management, security, incident handling, and transmission integrity.
- Assists the internal audit team in delivering requests from external auditors and consultants.
- Designs audit programs to ensure ongoing evaluation and validation of IT control effectiveness.
- Prioritizes control projects based on severity of risk and non-compliance.
- Liaise with external auditors to facilitate the auditing process.
- Bachelor’s degree in accounting, finance, or information technology
- Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) designations preferred.
- 4+ years of internal audit experience, prior work experience with a Big 4 consulting/auditing firm (PricewaterhouseCoopers, Deloitte, Ernst & Young, or KPMG) preferred or 5 years experience in a position directly responsible for IT Controls.
- Solid experience in testing, evaluating, and documenting controls for compliance.
- Direct knowledge of and exposure to SarbOx requirements, especially Sections 302, 404, and 409.
- Strong familiarity and experience with governance and controls frameworks, such as COBIT, COSO, ITIL, and ISO 17799.
- Solid understanding of assessing and designing internal controls in an enterprise-level environment.
- Expertise with flowcharting software tools (e.g. Visio).
- Strong project management skills.
- PC skills and hands-on experience building tools and presentations with Microsoft Word, Excel, PowerPoint, Project, and Access.
- Excellent verbal, interview, and diplomacy skills.
- Can adapt to shifting priorities, demands, and timelines through analytical and problem-solving capabilities.
- Ability to manage and collaborate with multidisciplinary teams.
- Reacts to project adjustments and alterations promptly and efficiently.
- Adept at conducting research into project-related issues and products.
- Ability to effectively prioritize and execute tasks in a high-pressure environment is crucial.
Job Location: Hamburg, , United States
Position Type: Full-Time/Regular
Tracking Code: 331-018