Associate Audit Director

Associate Audit Director

Requirements

• Bachelor’s degree in Information Systems, Computer Science, or a related field of study
• Five (5) years of experience with the financial services industry
• Auditing IT infrastructure and cybersecurity processes
• Conducting cloud-based security assessments for AWS (S3, EC2, IAM, Lambda, LEX, and RDS) and Microsoft Azure (Blob Storage, Key Vault, and Azure Firewall)
• Assessing emerging technologies and highlighting the risks for new transformation initiatives for cybersecurity and infrastructure programs
• Vulnerability assessments, penetration testing, perimeter defense, and enterprise observability
• Agile development methodologies, including reviewing CI/CD processes and toolsets (security scan assessments and SAST/DAST (Veracode and Qualys)) and pipeline reviews (Github, uDeploy, and Jenkins)
• Auditing leveraging the use of data analysis tools for automation capabilities, including PowerBI, ACL, SQL, and MS Excel tools
• Establishing and executing cloud audit strategy and approach

Responsibilities

• Collaborate with the Core Technology business stakeholders, IAG, and other assurance teams to lead the development of a portfolio of Core Technology audits
• Lead Audit coverage of Cloud Strategy and transformation projects
• Partner with the business to identify and analyze the inherent risks in AIG’s Technology and Security functions
• Educate stakeholders on the IAG process and work to improve the overall audit experience
• Act as a subject matter expert for cloud to upskill the current team through organic training and establish a training curriculum
• Support the establishment and execution of the cloud audit strategy and approach
• Develop automation capabilities to enable self-service of common data sources and execute full population and controls testing automation across all three public clouds
• Assist IAG senior management in the development and execution of a risk-based audit plan and lead the full audit lifecycle (planning, testing of controls, and issue verification) for audit engagements
• Manage a team of audit professionals and execute all aspects of audit activities within a global team environment in accordance with IAG’s Global Audit Methodology and professional standards
• Coordinate globally, influence, and manage the execution of the Core Technology audit plan, which includes risk and control evaluation, testing, audit report issuance, workpaper review, and follow-up and verification of issue closure
• Communicate audit results or other key messages to a variety of constituents, including senior business and audit management and regulators
• Continuously update the Core Technology business risk and control environment assessments, including key risks and controls, through periodic client meetings, adhoc walk throughs, and data analytics
• Interact with regulators for regulatory examinations, status updates, and other queries, as needed
• Provide guidance and direction for audit staff to develop business and audit knowledge, set clear expectations, provide timely and constructive feedback, encourage their career advancement, and set the tone by enthusiastically facilitating knowledge exchange and transfer

Preferred Qualifications

No preferred qualifications provided.