IT Audit Manager

IT Audit Manager

Requirements

• Bachelor’s degree holder in Accountancy, Information Technology, Engineering or related course with an auditing/accounting or IT audit designation (e.g., CPA, CIA, CISA); information security designations (CISSP, CISM) highly preferred.
• At least 5 years of solid IT auditing and data analytics experience in a client-facing, matrix, project-based organization; typically gained through prior audit, advisory, consulting, or public accounting experience in a ‘Big Four’ firm or other large organization.

Responsibilities

• Manage audit projects to cover key risks and controls and produce meaningful audit reports that clearly articulate the position on risks, controls and related issues, while meeting Internal Audit’s operational targets related to budget, timeline and quality of execution.
• Supervises other audit managers or auditors assigned to projects according to department objectives and provides coaching to staff where possible to support personal and overall department skill enhancement.
• Understand the company’s technology strategy, operations and regulatory environment to proactively identify areas of emerging and heightened risk related to technology that affect the company.
• Assess technology projects, business applications and IT operations and their related support models to provide assurance that key risks are managed while introducing new capabilities for our customers.
• Develop testing strategies and report on company initiatives related to systems product delivery, production support maintenance and asset and vulnerability management processes.
• Develop and implement a strategy to gain ongoing assurance over information services through automated methods.
• Support assigned technology/data-related components of business group teams’ audits and projects.
• Positively influence IT management teams on their risk and control decisions to ensure that the organization maintains a strong risk culture and control environment.
• Act as a subject matter expert in information technology, digital and data analytics.
• Define and propose changes for information services audit units, maintain record of risks, key activities, systems and processes for sub audit units.
• Liaise with the Corporate IT Infrastructure Audit team to ensure that key risks and controls are uniformly tested on a risk-informed basis and harmonize audit approach across multiple Business Units (BU).
• Collaborate with BU auditors in ensuring clarity of test procedures and ensuring that deliverables meet expected quality and timeliness requirements.
• Perform program / project assurance reviews over key Business Unit technology adoption programs and participate in management meetings with a view to influencing client engagement and decision-making.

Preferred Qualifications

• Combined business and technology experience; risk and controls consulting experience in a Big 4 firm is highly preferred.
• Technically proficient in internal auditing, governance, risk and controls, data analytics, technology and digital and fully conversant with the COSO framework of internal control.
• Advanced data literacy and possesses digital dexterity or the ability and desire to exploit existing and emerging technologies for better outcomes.
• Demonstrated ability to effectively establish and maintain relationships, and deal effectively with staff of all levels including functional VPs and Directors.
• Demonstrated experience in working with diverse teams and working environments.
• Strong English communication skills (verbal and written), persuasive and articulate.
• Strong project management skills.
• Experience with SL’s Risk Management Framework and knowledge of key IT risk processes; broad familiarity with SL’s IT process offshoring model and work organization processes.
• Health Insurance background strongly preferred.
• Experience in Government Healthcare (Medicare/Medicaid including dental) strongly preferred.