Company Description
- Stimulating work in a fast-paced and intellectually challenging environment
- Accelerated exposure and responsibility
- Global career development opportunities
- Diverse and inspiring colleagues and approachable leaders
- A hybrid-flexible work environment with an emphasis on in-person collaboration
- A culture rooted in principles of integrity, partnership, and high performance
- An organization with an important social purpose that positively impacts lives
Job Description Role Overview Key Responsibilities
-
Lead and participate in technology audits, evaluating the design and effectiveness of controls related to:
-
Technology infrastructure (networks, servers, databases).
-
Enterprise applications and systems.
-
Cybersecurity frameworks and controls.
-
Cloud services (Azure).
-
Identity Access Management (IAM) and data security.
-
ITGCs, Interface and application controls.
-
Develop and implement audit approaches and coverage strategies to ensure comprehensive risk assessment.
-
Provide assurance over key risk management strategies, ensuring alignment with industry best practices.
-
Provide coaching and guidance to junior auditors ensuring timeliness and quality of deliverables.
-
Perform continual assessment of emerging risks, suggesting adjustments to audit plans accordingly.
-
Ensure audit work is conducted in accordance with industry standards (e.g., ISACA, IIA, NIST, ISO 27001, COBIT).
-
Document audit findings and recommendations in a clear, concise, and actionable manner for senior leadership.
-
Work closely with Technology \& Data leadership, Enterprise Risk, and Compliance teams to align audit activities with business objectives.
-
Act as a trusted advisor to business units, offering insights on best practices for IT governance, risk, and compliance.
-
Influence strategic decisions by providing data-driven insights on IT risk management.
-
Foster strong relationships with business partners and other stakeholders to enhance risk awareness and control effectiveness.
-
Leverage data analytics and automation to enhance audit efficiency and effectiveness.
-
Stay updated on emerging technologies, cybersecurity threats, and regulatory changes to ensure audit methodologies remain relevant.
-
Analyze complex IT systems to identify areas for improvement and recommend effective solutions.
-
Communicate complex technical risks in a business-friendly manner to senior leadership.
Qualifications Education \& Certifications
- Bachelor's degree in Computer Science, Information Systems, Business, Accounting, or a related field.
- Professional certifications (at least one required): CISA, CISSP, CRISC, CISM, CGEIT, CIA
- Knowledge of IT governance frameworks (COBIT, NIST, ISO 27001) is essential.
Professional Experience
- 7 years of experience in IT auditing, internal audit, technology risk management, or cybersecurity assessments.
- Strong understanding of IT general controls (ITGCs), application controls, cloud security, and data governance.
- Experience with audit methodologies, risk management practices, and regulatory compliance in financial services or investment management.
- Proven ability to write succinct audit findings/reports that provide meaningful insights to senior leadership.
- Strong organizational/project management skills, the ability to manage end to end audits and achieve multiple deadlines, both internal and external.
Key Competencies
- Critical Thinking \& Attention to Detail: Ability to identify risks and assess control effectiveness with a keen eye for detail.
- Communications \& Simplification: Superior communication skills (written and oral) with the ability to take concepts or risks or technical control gaps and present them simply, concisely and effectively.
- Collaboration \& Influence: Strong interpersonal skills to work effectively with cross-functional teams.
- Adaptability \& Innovation: Willingness to embrace change and leverage new technologies to enhance audit processes.
- Integrity \& Accountability: Commitment to ethical auditing practices and professional standards.
Additional Information Disclaimer:
CPP Investments
