Auditor II - IT Infrastructure

Our client, a leading bank, is looking for an Auditor II - IT Infrastructure to join their growing team.

 The IT auditor will work within the IT Service Management and Infrastructure Internal Audit team primarily focused on documenting, assessing, and testing IT controls related to Networking, IT Operations, Incident, Problem and Change Management, Operating Systems, SQL & Oracle Databases, Cloud Technology, Endpoint Technology, Data Center Operations, Cybersecurity, etc.). The auditor will be responsible for ensuring compliance with Internal Audit methodologies, bank policies, procedures, and regulatory requirements. Additionally, the position is responsible for monitoring open issue and conducting validation testing, continuous monitoring/auditing activity and assisting on regulatory matters (as needed) in accordance with audit methodology and taking into consideration industry development, emerging risks, and regulatory changes and expectations. The role will also periodically require assisting the Director in responding to ad hoc requests (e.g., regulatory inquiries, preparing information for various board reporting, developing management reports/decks, etc.).

Internal Audit and CRR
The Internal Audit and CRR team provides objective and independent assurance services to support the bank in its mission and to help achieve its objectives through proactive risk management. The focus is on ensuring business activities remain safe, compliant and well-positioned for future opportunity and sustainable growth.

  • Develops a general knowledge of the business, regulatory and IT control environment in which the Bank operates.
  • Keeps informed of new services, products and events that have a significant technology and business impact. Keeps abreast of changes in the business, regulatory and IT control environment in which  the bank operates, particularly in areas where audit responsibilities are assigned.
  • Assists the Audit Manager(s) and/ or the Audit Director in the development of the audit scope.
  • Holds preliminary discussions and interviews with auditees prior to the beginning of the field work.
  • Prepares narratives/flowcharts detailing internal controls of area audited. Documents the workflow in the area audited, develops audit programs or procedures, and updates audit programs as necessary.
  • Holds discussions/interviews with auditee to gather information, obtains explanations and supporting data/information, and performs program procedures to document work performed. Documents audit findings, test results and the conclusions drawn using work paper preparation guidelines.
  • Keeps the Auditor Manager(s) and/or Director abreast of progress, issues and audit matters as they arise.
  • Contributes to the drafting of audit observation sheets and audit reports.
  • Supports and or participates in audit exit meeting with management.
  • Complies fully with all Bank Operational and Credit policies and procedures as well as all regulatory requirements (e.g. Bank Secrecy Act, Know Your Client, Community Reinvestment Act, Fair Lending Practices, Code of Conduct, etc.).
  • Completes all required training.
  • Completes time sheets and expense reports in a timely manner.
  • Bachelor’s Degree in Computer Information Systems, Computer Science or equivalent
  • Minimum 3 years of experience in performing IT internal control audits and risk assessments required.
  • Minimum 1 year of public accounting and/or private industry experience with knowledge of IT control areas required.
Skills and Knowledge
  • Understanding of risks, internal controls, work paper documentation and issue identification concepts and experience in applying them to plan, perform, and report on the evaluation of various business processes/areas/functions.
  • Ability to work independently or under the guidance and supervision of a Senior Auditor.
  • Strong verbal and written communication skills, to effectively present to peers and management.
  • Ability to exhibit leadership skills needed to convey ideas and obtain management buy-in for constructive change.
  • Understanding of internal auditing standards, COSO and risk assessment practices.
  • Understanding of the technical aspects of information technology, primarily Technology Infrastructure and Service Management processes (e.g., Networking, Operating Systems, SQL and/or Oracle DB, Mobile Devices, IT Operations, Cloud Infrastructure, Asset Management, Endpoint Technology, etc.)
  • Understanding of FFIEC IT Handbooks, CIS, COBIT best practices.
  • Experience in performing multiple projects and working with varying team members.
  • Prior Banking industry experience is a plus.
  • Understanding and/or skillset necessary to build Data Analytics, Artificial Intelligence, Tableau data visualizations, and Robotic Processing Automation solutions preferred.
Required Licenses and Certifications
CISA- Certified Information Systems Auditor or
CISSP- Certified Information Security Professional or
CIA- Certified Internal Auditor