Associate Principal – Internal Audit Information Technology & Security
| Company | OCC |
|---|---|
| Location | Dallas, TX, USA, Chicago, IL, USA |
| Salary | $103600 – $170500 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior |
Requirements
- Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions.
- Strong problem solving and analytical capabilities.
- Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports.
- Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion.
- Bachelor’s degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field.
- 4+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or similar certification required.
Responsibilities
- Support the team on delivery of assigned audits within the annual audit plan.
- Support the team confirming a professional auditee experience.
- Owning the audit quality, accuracy of results, and delivery in a timely manner.
- Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team.
- Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions.
- Leading audits related to organization changes including business requirements definitions, technology implementations (e.g., change management, security), engagement and alignment of change initiatives to business objectives.
- Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices.
- Ability to understand professional principles and standards (e.g., AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls.
- Keeping current on best practices and emerging risks within the financial services industry and making recommendations for improvements as necessary.
- Supporting effective relationships with business groups and leadership and partnering with management.
Preferred Qualifications
- Consulting and/or accounting firm experience.
- Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI).
- Familiarity with security tools such as: CyberArk, Splunk, SailPoint.
- Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub.
- Familiarity with databases such as: Oracle, DB2, SQL.
- Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday.
- Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software.