Senior Audit Manager - Information Systems
Position Summary
The internal title for this role will be AVP, Senior Audit Manager - Information Systems. This hands-on role plays an integral role in managing the IT Internal Audit Plan at the Bank as a strategic business partner. The role will support the VP/Audit Director Information Systems in developing and executing the IT Internal Audit plan. The role will assist in the annual risk assessment and corresponding audit planning, be responsible for and supervise staff for the completion of SOX Information Technology General Controls (ITGC) testing, system implementation reviews/audits, IS/IT internal audits and other projects as needed, serve as the point of contact for co-sourcing arrangements, perform testing, as well as manage the preparation of the internal audit reports. The incumbent will establish and maintain productive business relationships with Bank Technology’s (BT) management team and communicate with them regarding audit results and significant control matters.
Specific Responsibilities
- Interface directly with IT management, Enterprise Risk Management (ERM) and Compliance to provide audit results and ensure compliance with regulatory requirements, company policies, procedures, and industry best practices.
- Supervise and conduct SOX Information Technology General Controls (ITGC) testing and IS/IT internal audits, system implementation reviews/audits and serve as the point of contact for co-sourcing arrangements, perform testing as well as manage the preparation of the internal audit reports.
- Assist in the annual risk assessment and corresponding audit planning process.
- Manage IA staff execution of internal audits, and other analysis to meet objectives of assigned audit projects and maintain compliance with Internal Audit (IA) and industry (including IIA and CISA) standards.
- Manage audits with timely completion and communicate progress and results throughout the audit engagement to management and VP/ Audit Director Information Systems and IA management.
- Manage co-sourcing relationships and coordinate with external auditors on technology-related portions of the financial statement audit.
- Provide control consulting services to management to assist in efforts to mitigate risks and improve controls.
- Follow-up with BT management on Bank incidents and potential breaches to determine root cause and make recommendations for control changes and audit plan changes, if appropriate.
- Maintain in-depth understanding of the IS/IT business processes and the underlying technologies of the Bank’s security and network infrastructure, including Artificial Intelligence (AI).
- Stay up to date on related IS/IT risks and issues that are reported in the media and assess and communicate with VP/ - Audit Director Information Systems any risk concerns.
- Promote innovative ideas and new ways of designing and executing IT audits through technology and data analytics.
- Enhance IT audit team access to information to facilitate audit testing and analysis.
- Develop and manage department standards, tools, and procedures.
- Execute special assignments and other duties, as assigned at the direction of the Chief Audit Officer and the VP/ Audit Director Information Systems
Qualifications
- Education and Experience: Bachelor’s degree in information systems, cybersecurity, accounting, finance, or a related field is expected. A related master’s degree or work towards a master’s degree is preferred. 12+ years of progressively responsible experience in IT audit.
- Experience: Experience in project implementation or pre-implementation reviews. Experience within a highly regulated environment.
- Professional Certifications: CISA or CISSP required.
- Technical Skills and Domain Expertise: Strong knowledge of IT Frameworks: COBIT, COSO, NIST-800-53, ISO 27001, ISO 22301. Knowledge of controlling and securing system platforms (including Windows), database platforms (SQL Server), endpoint platforms, network infrastructures, and cloud computing. Working knowledge of banking/financial services industry technology infrastructure. Proficiency in data analytics tools and techniques. Strong understanding of and experience applying audit processes, risk-based audit methodology, risk management, and advisory services.
- Management Skills: Excellent communication, interpersonal, time management, critical thinking, and issue resolution skills. Strong organizational skills and attention to detail. Ability to quickly acquire and apply knowledge of changing technologies, including AI. Ability to analyze technology infrastructure, operations processes, and internal controls to formulate effective measures to improve control effectiveness and efficiency. Ability to effectively present audit findings and recommendations to responsible parties. Ability to manage and compete audit work and issue reports in accordance with project and calendar timelines.
Foundational Expectations
- Regulatory Awareness – Deep understanding of the financial regulatory landscape and the technology implications.
- Risk & Control Expertise – Ability to identify control gaps and propose practical, risk-proportionate solutions.
- Strategic Thinking – Aligns audit focus with enterprise risk priorities and emerging threats.
- Collaboration & Influence – Builds strong partnerships with IT, cyber, risk, and business leaders.
- Integrity & Professionalism – Upholds audit independence and sound judgment.