Manager/Senior Manager - Audit Assurance/Cybersecurity - IT

Job Objective :

- Cyber Security Audit & Assurance Group drives Internal Audit engagements focused on enterprise-wide core technology and cyber security programs. This leader will perform/execute IT audit engagements across business units to drive effective implementation and assurance of enterprise cyber, control, and risk management frameworks.

- Driving 3rd layer of defense cybersecurity initiatives related to cyber readiness, compliance, and risk management.

- Working collaboratively with BU Executives and Digital Technology Leaders across the business in the evaluation of the security posture.

Roles and Responsibilities :

- The incumbent is responsible for the formulation of appropriate audit programs, conducting audits., assigning and directing staffing resources to complete the audit plans as scheduled, generating final audit reports for internal and regulatory agency review, and conducting thorough follow-up audits on previously identified issues.

- Performs Audit - Enterprise Risk Management to continually track and monitor entity level cyber risk and assist in defining and tracking standard IA Cyber KPI's across entities.

- Supports in the enterprise Internal Audit cyber security risk exposure program based on the outcome of annual audits in partnership and in coordination with the Cyber team and BU Digital Technology leaders.

- Enhances, aligns, maintains, and educates BUs on enterprise cyber program, cyber control, and risk management frameworks in partnership and coordination with the Cyber team and BU Digital Technology leaders.

- Translates technical risks to cross-functional teams to assist the broader organization in understanding and addressing cyber risks.

- Perform portfolio of assigned audits and related activities, including staffing, scheduling, and coordination with stakeholders to ensure the timely completion of the plan.

- Develop audit programs and testing procedures relevant to risk and test objectives.

- Maintain an awareness of current and emerging internal and external organizational, procedural, and technological changes that may impact the audit entity under review.

- Manage and monitor the progress of the audit engagement, prioritize the workload of the audit team, and identify/escalate any necessary changes to the audit as the engagement progresses.

- Deliver audits in highly technical areas of current/emerging technologies including cloud, security, distributed computing, OT, IoT, Zero Trust Networks, High Value Asset Protection.

- Stay abreast of new and emerging regulations & trends that impacts information technology controls and rapidly adjust audit plan or procedures accordingly.

- Drive continuous improvement mindset in the audit function, including identifying and integrating best practices; Identify specific actions to improve the efficiency and effectiveness of Internal Audits.

- Achieve annual goals and budget targets by effectively managing resources and stakeholder requirements.