Job description

Position: Senior Auditor - IT

Duration: - Full-time

Location: NYC(1301 Ave of America), NY (Hybrid Role)

JOB DESCRIPTION

JOB TITLE:

Senior Auditor - IT

DEPARTMENT:

Inspection Générale (IGE)

REPORTING TO:

IT Audit Supervisor

KEY RESPONSIBILITIES, DUTIES AND ACTIVITIES

Summary of the position

The Senior Auditor performs a preliminary assessment of the audited activity and its internal control framework. He/she performs independent testing and analysis on specific controls in order to meet the audit’s objectives. He/she also contributes to drafting the debriefing presentation and the final report sent to Management.

Depending on the assignment, Senior Auditors may have to directly supervise one or several Auditors and may act as deputy to the Lead Auditor.

Key Responsibilities:

The Senior Auditor may either work independently or supervise one or several auditors.

I – Conduct of assignment (Must Have)

When working independently, the Senior Auditor is responsible for carrying out audit work autonomously as per the audit planning within the defined timeframes in accordance with IGE methodology and procedures and Internal Audit standards. This includes:

- To independently carry out audit planning and fieldwork, including:

- A preliminary assessment of the audited activity highlighting the related risks and controls

- Interviews, testing and analysis of the results of the controls planned in the audit program

- Assessing controls for compliance with regulations, regulatory guidance including but not limited to Federal Financial Institutions Examination Council (FFIEC) IT Examination Booklets, NY Department of Financial Services (DFS) 500, DFS 504, Gramm–Leach–Bliley Act (GLBA), National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technology (COBIT) etc.

- Assessing processes and controls within core IT infrastructure, IT operations, cybersecurity, business continuity planning and IT disaster recovery, business applications, data governance and management.

- Assessing control design, effectiveness and sustainability

- To document clearly and precisely in test sheets the controls performed and the conclusions reached

- To communicate succinctly and precisely in verbal and written communications

- To identify and report on strengths and weaknesses of the audited areas, to analyse the root causes and consequences of the identified weaknesses, to formalise possible remediation and recommendations to address the findings and to conclude on the effectiveness and efficiency of the control set-up and business practices

- To present audit conclusions to IGE management and to the management of the audited unit (debriefing presentation, final audit report, etc.)

- To keep his/her management informed of the progress on the audit work assigned, and to escalate any issue that may impact or delay the audit’s execution or to raise any other relevant information on the assigned audit and the risk and control environment

- To proactively conduct recommendations follow-ups to monitor whether adequate corrective actions have been taken prior to closing any recommendations

- To ensure proper archiving of any supporting documentation, audit evidence and deliverables.

- To demonstrate accountability and ownership for the work assigned

II – Team management

The Senior Auditor, when supervising one or several Auditors, is responsible for:

- Training the Auditors on the audit techniques and expected deliverables

- Reviewing the work performed by the auditor to ensure that the test results and the findings are adequately documented and the recommendations are relevant

- Providing regular feedbacks to the Auditor and contributing to the definition of objectives and to the end of assignment assessment related to the team allocated during assignment

- Ensuring collaborative and productive relationships within the team and good coordination throughout the International Network and with auditees

III – IGE Continuous improvement Program / Transversal topics

The Senior Auditor contributes to the continuous improvement of IGE methodologies and processes. As part of her/his responsibilities, she/he:

- Prepares or updates audit guides, scorecards or training materials related to specific activities based on existing knowledge, documentation, interviews, etc.

- Monitors the implementation of recommendations issued

- Builds and shares knowledge (e.g. through contributing to SynerGIA, delivering training or taking part in various Methods and Support workstreams or assignments)

- Participate in one or several knowledge communities within IGE

The Senior Auditor is regularly trained on banking and regulatory matters and must always maintain a sufficient knowledge of the audited area she/he is responsible for. She/he must complete all the mandatory trainings within the defined timelines.

Management and Reporting

Direct reporting line to the IT Supervisor

During an assignment the Senior Auditor reports to the Lead Auditor in charge of the assignment or to another Senior Auditor depending on the organisation of the assignment

Key Internal contacts

Auditees, other control functions

Key External contacts

N/A

Role specific requirements

This role may require business travels in any relevant locations to conduct the assigned audits, for periods up to several consecutive weeks.

Auditors must comply with the CACIB Audit Charter, in particular the five fundamental ethical principles (integrity, objectivity, confidentiality, expertise, and transparency) and all other locally applicable regulations.

PERSON SPECIFICATIONS:

KNOWLEDGE AND SKILLS

ESSENTIAL

DESIRABLE

Qualifications/Education Required:

· Bachelor or Masters’ degree in accounting, business, finance, engineering or related field

· Industry recognized certification (CPA, CIA, CISA, CISSP, ACAMS)

Experience Required:

· 3-5 year experience in audit (internal / external) or banking organization or IT

· Previous experience in a bank

Specialist Training Required:

N/A

N/A

Competencies Required:

· Proficiency in Word, Excel and Powerpoint

· Analytical skills

· Verbal and written communication skills

· Ability to deliver under time pressure

· Accuracy

· Organization

· Autonomy

· Team spirit

· Fluent in English

· Accountability and ownership

· Relationship management

· Ability to work in multi-disciplinary and multicultural teams

· Basic French

Skills & Knowledge Requirements:

· Auditing techniques

· Understanding of the risks generated by banking / securities activities

· Specific skills/knowledge on IT and IT risks

· Ability to perform basis coding in Python, Java, Javascript.

· Ability to perform data analytics using spreadsheets, databases, Python, PowerBI

· Familiarity with commonly used tools such as ServiceNow, vulnerability scanners and penetration testing tools etc

Any specific skills knowledge in using core IT systems of the Bank (understanding of the data production, analysis of the results)

Any other relevant information:

N/A

N/A

Job Type: Full-time

Pay: $110,000.24 - $115,000.59 per year

Schedule:

• 8 hour shift

Experience:

• Information governance: 4 years (Preferred)
• Cybersecurity: 4 years (Preferred)
• NIST: 3 years (Required)
• COBIT: 3 years (Required)
• FFIEC: 3 years (Preferred)

Security clearance:

• Confidential (Preferred)

Work Location: Remote

jjbodyshop.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, jjbodyshop.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, jjbodyshop.com is the ideal place to find your next job.