IT Audit Manager - Cyber

Northern Trustposted 2 months ago
$83,100 - $141,300/Yr
Full-time • Mid Level
Hybrid • Chicago, IL
Securities, Commodity Contracts, and Other Financial Investments and Related Activities
Resume Match Score
Upload and Match ResumeTrack Jobs with Teal

About the position

The IT Audit Manager - Cyber is responsible for the execution of audit engagements, which includes planning and developing the project scope, maintaining the budget and timeframes of the project to meet audit requirements, and ensuring department Standards are properly met. The role is a direct report to an Associate Director. The IT Audit Manager, Cyber provides input to improve operational efficiency and/or to enhance the design or operating effectiveness of the internal control environment. The role provides technical expertise and performs supervisor related work including training new employees and those with lesser experience, reviewing the work of others, and providing regular feedback to coach staff. This role will interact and build relationships with management across Northern Trust's Technology functions. The role is responsible for execution of validation testing as well as cyber audit engagements. The successful candidate will also be responsible for audits of information security, identity and access management; data protection; security incident response; authentication services; insider threats; vulnerability and threat management; and network perimeter defenses, as well as contributing to general and integrated IT Audit engagements.

Responsibilities

  • Functions in various roles on audit engagements, including leading audits, staffing audits, and providing consulting or oversight functions based on the needs of the team.
  • Provides technical expertise to the IT Audit Team and uses sound audit practices.
  • Maintains familiarization and technical expertise with the assigned business unit(s) including organizational structure, personnel, activities and products, new product development, financial performance, and risk and problem areas.
  • Manages and performs special projects as assigned.
  • Participates in meetings with business unit to discuss audit results.
  • Communicates with partners at all levels, developing and presenting recommendations on operations and controls for the business unit.
  • During audit engagements, assigns work to auditors, sets priorities and monitors activity.
  • Utilizes understanding of various Corporate units to ensure operations, services, and systems have proper controls in place (i.e., design of the control environment).
  • Reviews audit work including workpaper documentation, findings, recommendations, and the final report to ensure appropriate adherence to the Corporation's/Department's Policies and Standards and ensuring work is performed within established timeframes.
  • Evaluates corporate management, business processes, business controls, and operating practices during audits and consulting/monitoring engagements.
  • Applies analytical skills to review information and determine potential control weaknesses.

Requirements

  • Knowledge and experience leading risk-based cyber and information security audits and/or general technology audits.
  • Solid understanding of ITGC and related processes (e.g., Configuration Management, Vendor Management).
  • Understanding of Information Technology Service Management (ITSM) controls (e.g., Incident Management, Problem Management).
  • Skills as needed to perform testing of application controls (e.g., BC/DR, Application Security Testing, Interface Controls).
  • Skills as needed to perform testing of information security and cybersecurity controls (e.g., Event Monitoring, Data Security).
  • Knowledge of risks related to newer technologies (e.g., Infrastructure as Code, Cloud Access Management, Kubernetes, Containers, CI/CD).
  • Knowledge of IT and cybersecurity regulations, standards, and frameworks (e.g., NIST CSF, FFIEC, GDPR, ITIL).
  • Knowledge of cloud environments and related technologies (e.g., Microsoft Azure, Amazon Web Services, private and hybrid cloud architectures).
  • Professional certifications (e.g., CISA, CISSP, CCSP).
  • Strong analytical, leadership, and organizational skills are needed.
  • Strong report writing and work paper documentation skills.

Nice-to-haves

  • Adept auditing and/or systems experience in a financial institution, or similar public accounting experience in the financial services industry.

Benefits

  • Comprehensive benefits package including retirement benefits (401k and pension)
  • Health and welfare benefits (medical, dental, vision, spending accounts and disability)
  • Paid time off
  • Parental and caregiver leave
  • Life & accident insurance
  • Other voluntary and well-being benefits
  • Discretionary bonus program that may include an equity component

Job Keywords

Create a Teal account and upgrade to Teal+ to unlock all 37 keywords
Create an Account
Build your resume with AI

A Smarter and Faster Way to Build Your Resume

Go to AI Resume Builder

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service