IT Audit Manager, Sr
Old National Bank · Evansville, IN · 2 wk ago
Information Technology$98k–$199k/yrFull-time
Responsibilities
- Identify and evaluate significant exposures to risk and contribute to the improvement of risk management and control systems.
- Work closely with IT/Risk management to understand products, organizational initiatives, and systems, and provide quality audit services meeting department and professional standards.
- Foster awareness of the importance of internal controls to management and report clearly, concisely, and logically in verbal and written form to highlight gaps and/or deficiencies.
- Conduct IT audits or reviews as assigned within Internal Audit.
- Work closely with the SOX team to ensure completion of semi-annual SOX key control testing.
- Direct or conduct audits in accordance with the department’s audit methodology and professional standards and ensure audits are completed in a timely manner.
- Review or create work plans including documents such as the Risk Control Assessment, and the creation of audit program steps.
- Oversee testing associated with the field work phase of the audit and ensure technical documents and workpapers satisfy audit program steps and support the results of field work.
- Provide oversight and project supervision to assigned audit staff to ensure the overall quality and reliability of engagement workpapers.
- Review evidence, root cause, and draft of proposed audit observations and recommendations for improvement.
- Perform follow-up work on audit report findings to ascertain that management implemented their corrective action plan timely.
- Oversee and execute moderate to highly complex internal audits for assigned business segments.
- Review and collaborate on the preparation of audit reports and other outputs intended for audit clients including editing and integrating final work products and reports to support client review and discussion.
- Clearly and concisely present key themes and risks to senior leadership and influence decision-making.
- Update the Internal Audit Risk Assessment upon completion of an audit.
- Lead or influence the annual IT audit risk assessment and identification of emerging IT risks.
- Partnership with SOX/ICFR owners and External Audit to align on ITGC scope, testing approach, evidence standards, and reliance strategy.
- Semi-annually, evaluate controls that support Sarbanes Oxley requirements including tests of control design and effectiveness regarding applications, databases, and the general computing environment.
- Effectively manage scope, resources, and dependencies to meet firm deadlines without compromising quality.
- Participate in special projects as requested by management.
- Participate in the annual risk assessment process, assist external auditors and examiners, or attend committee meetings.
- Serve as a trusted risk partner in providing advisory support and effective challenge for new enterprise initiatives.
Qualifications And Education Requirements
- Bachelor’s Degree in Information Technology, Computer Science, or relevant business-related field.
- One or more IT certifications (CISA, CISSP, CISM, etc.).
- Strong organizational, analytical, oral and written communication skills.
- Deep understanding of operational and technical information systems concepts and controls including network infrastructure, computer operating systems, database management systems, SDLC, change management, IT governance, and complex computer applications.
- Minimum of ten (10) years of IT audit or relevant business experience.
- Ability to work within strict deadlines.
- Public Accounting, Regulatory, or external audit experience is a plus.
- Banking experience is a plus.
- Experience using Optro (AuditBoard) is a plus.