IT Audit Manager – Security

Gravity IT Resources

Apply Now

Title: IT Audit Manager – Security 
Location: Hybrid (San Antonio, TX; Plano, TX; Phoenix, AZ; Tampa, FL or Charlotte, NC – Relocation assistance is available)

We’re looking for someone to lead and execute our client’s complex audit engagements throughout the audit lifecycle, to include understanding of horizontal and vertical business impacts, integrating audits with IT, analytics, and projects and reviewing work papers. May lead engagements as Auditor-In-Charge (AIC). Maintains knowledge of financial services regulations. Creates and independently performs complex work assignments and problem resolution in support of risk-based assurance and advisory engagements. Leverages results from engagements and continuous monitoring activities to assist Audit Leadership in updating risk assessments. Adheres to the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing (Standards) and Code of Ethics.
 

Primary Responsibilities:

  • Primarily serves as Auditor-in-Charge (AIC) and main point of contact for the business through Audit engagements.  

  • Leads and executes complex audit engagements throughout the audit lifecycle. Leads continuous monitoring and advisory activities, special reviews and investigations.

  • Responsible for executing multiple areas of complex test work during audit activities.  Executes audit documentation techniques including key risks and controls alignment to audit test objectives and conclusions and assigning appropriate issue severity.

  • Manages day to day engagement-related efforts and assignments of Audit team members with varying degrees of expertise and experience when conducting engagements as the Auditor-in-Charge (AIC).

Minimum Requirements:

  • 6+ years of experience leading / executing testing for audits in one or more of the following IT or security topics: IT General Controls (Access Management, Change Management, Batch Processing, etc..) Infrastructure (server, database, network, operating system, mobile devices) or cyber security (firewall, IDS/IPS, DLP, Proxies, anti-malware, CASB, email security, remote access, security baselines, SIEM, PKI, data encryption/tokenization, or Cloud security)

  • Strong knowledge of internal controls, business and information technology risks and/or audit techniques in a large financial services organization

  • Knowledgeable of industry frameworks (COBIT, ITIL, NIST, FFIEC etc.)

  • Exceptional communication, presentation, and project management skills

  • Preferred designations include CISA (Certified Information Systems Auditor), CISSP (Certified Information Security Systems Professional), or other relevant business designations.

Brian.Fonts

Apply Now