Manager of Audit I - IT Platform

Our client, a Leading bank, is looking for a Manager of Audit I - IT Platform to join their growing team

Responsible for performing IT application controls and General IT controls audits. The auditor must understand, analyze, and test the technology controls to cover the business auditor’s applications (integrated) audit. Position will also assist with the development and implementation of an Information technology data analytics strategy that delivers key insights to management and supporting functions. Leveraging deep expertise in business strategy, analysis, data science, and visualization techniques to support the audit function and the organization with actionable insights to drive ongoing success. Areas of focus include supporting the continuous improvement of audit methodologies, audit approach and related practices with particular emphasis towards collaboration with key partners, leveraging the use of analytics, business intelligence, data mining and other enabling approaches, technologies and tools.
Internal Audit and CRRThe Internal Audit and CRR team provides objective and independent assurance services to support the bank in its mission and to help achieve its objectives through proactive risk management. The focus is on ensuring business activities remain safe, compliant and well-positioned for future opportunity and sustainable growth.
  • Demonstrated experience testing IT general controls and application controls including electronic authorizations, application parameters, settings and/or scripts, and access to sensitive application transactions and data interfaces
  • Supports moderate to complex risk-based audits, targeted reviews, etc. in accordance with the bank audit methodology
  • Collaborates with Non-IT (e.g. Operational, Financial, Wealth Management, etc.) Audit counterparts during all phases of an integrated audit to ensure sufficient IT audit coverage. This includes assessing business processes to identity the key application(s) utilized in processes and the top risks and controls that should be reviewed in the audit.
  • Assists with interviews and walkthroughs of IT and business process with the objective to identity top risk, key controls and define the audit scope and audit work programs
  • Develops and executes test steps and sampling strategy that adequately and efficiently substantiate that identified controls are designed and operating effectively
  • Incorporates the use of data analytics to improve audit efficiency and broaden the audited population
  • Ensures all audit work (e.g., work papers, reports, etc.) conforms to the bank’s audit methodology, including those performed by staff
  • Drafts and communicates audit findings/audit report to executive and senior management to address identified risks, exposures and root causes
  • Obtains and assesses responses to audit findings to ensure management action plans and target due dates are adequate in addressing the risk(s) and root cause(s) in a timely matter
  • Keeps respective Director or Auditor-in-Charge apprised of project status, observations and audit findings.
  • Demonstrated experience in working in a matrixed organization with proven ability to multitask and prioritize activities.
  • Assists in quarterly Continuous Monitoring activities, which include but are not limited to, performing risk assessments of assigned IT functions/depts., develop continuous assurance data analytics test strategies
  • Takes responsibility to develop own personal and professional leadership skills and capabilities
  • Participates in social, charitable or inclusive committees within Internal Audit or RBC
  • Build trusting relationships with Internal Audit peers and business partners
  • Bachelor’s Degree in Computer Information Systems, Computer Engineering, Computer Science, Management Information systems, or related field required.
  • Minimum 4 years of audit or related experience in banking operations, compliance, and/or risk management activities.
  • Minimum 2 year of experience conducting internal audits within financial institutions.
  • CISSP – Certified Information Systems Security Professional
  • CIA – Certified Internal Auditor
  • CISM – Certified Information Security Manager
  • CISA – Certified Information Systems Auditor
  • CEH-Certified Ethical Hacker
Skills and Knowledge
  • Must possess strong organizational, and verbal and written communication skills.
  • Ideal candidate will have relevant experience in an IT department along with at least 2 years in banking or financial services, or equivalent experience in a consulting capacity
  • Experience in use of data analytics, visualization and reporting – e.g. Tableau.
  • Capable of working in an agile and dynamic team-based environment, can tolerate ambiguity, able to function independently, and demonstrates critical problem-solving abilities.
  • Knowledgeable in COBIT
  • Demonstrates a sound understanding IT application or program controls, These controls vary specific application. which are fully automated (i.e., performed automatically by the systems) designed to ensure the complete and accurate processing of data, from input through output. based on the business purpose of the IT applications Controls may include: Completeness checks – controls that ensure all records were processed from initiation to completion. Validity checks – controls that ensure only valid data is input or processed. Identification – controls that ensure all users are uniquely and irrefutably identified.  Authorization – controls that ensure only approved business users have access to the application system. Input controls – controls that ensure data integrity fed from upstream sources into the application system. Authentication – controls that provide an authentication mechanism in the application system. Forensic controls – control that ensure data is scientifically correct and mathematically correct based on inputs and outputs.