IT Audit Director
VisaFoster City, CA,4 months ago
The mission of Visa’s Internal Audit team is to enhance and protect Visa’s organizational value by providing risk-based and objective assurance, advice and insight on the state of Visa’s risk and control environment.
The Director – IT Audit will manage and execute aspects of the internal annual plan. Responsibilities include:
- Ensuring high professional standards as set forth in Internal Audit’s Charter and IIA Professional Standards.
- Lead engagement planning and scoping activities, working directly with senior client leaders.
- Oversee the execution of all phases of the audit, supervising a team of up to six multi-disciplined audit (and co-sourced) professionals.
- Exhibit soundness of judgment and accuracy in all work.
- Demonstrate ability to understand and train others in the universe of business/technical risks and in the evaluation of the adequacy of management’s control design and effectiveness of control activities in accordance with the COSO framework.
- Maintain business relationships with appropriate levels of IT management to ensure that Audit is aware of changes in business activities and objectives, and a necessary Audit response is developed.
- Possess outstanding written and oral communication skills and demonstrate these skills during the audit process to the appropriate level of Visa and Audit management. Ideas should be expressed clearly and concisely.
- Promote new ideas and new ways of executing projects and internal infrastructure enhancements. Demonstrate commitment to Visa’s and Internal Audit’s strategic vision, be a self-starter, and promote project ownership and responsibility for actions.
- Interact with Audit project team members in working towards Departmental goals. Demonstrate ability to resolve team conflicts and bring group together to enhance project results through group planning, feedback and development skills.
- Maintain a strong knowledge of overall business issues. Understand Company structure and functional responsibility. Assess efficiency and effectiveness of a business unit (during a project) and align with Visa-wide strategy and objectives.
- Interact with the senior technology client leaders and the Audit Leadership Team to offer consultation and ensure quality control of Audit Department practices.
- Coordinate and lead the execution of selected complex projects in areas of specialization and expertise.
- Provide ongoing coaching to Audit professionals of various levels and experience.
- Prepare performance evaluations for auditors.
- Prepare/approve the audit scope, work program, and testing plan for each IT audit assignment.
- During each audit, provide day-to-day and on-site support to ensure quality of IT Audit services provided:
- Provide direction to IT auditors to ensure that audits are performed in accordance with department and professional standards.
- Review audit work papers.
- Review draft audit findings, and ensure issues are appropriately vetted and constructed given the circumstances.
- Provide reports to client managers on the effectiveness of their business unit's internal control structure along with recommendations that improve the effectiveness and/or efficiency of a control or process.
- Evaluate the adequacy and timeliness of management's response and the corrective action taken on all significant weaknesses noted in the reports.
- Coordinate with other risk management functions and Independent Public Accountants to minimize duplication of effort and to ensure that issues raised as a result of their reviews are appropriately addressed.
For Special Projects, as assigned:
- Participate in activities related to systems development, new products, mergers and acquisitions, and analyze new policies to ensure that control considerations are evaluated in the early stages of these activities.
- Provide control consulting services to management to assist in redesign efforts that improve the control environment.
- Enhance Audit's policies, procedures and methodologies to improve Audit's effectiveness in achieving its Charter.
- 10 years of work experience with a Bachelor’s Degree or at least 8 years of work experience with an Advanced Degree (e.g. Masters/MBA/JD/MD) or at least 3 years of work experience with a PhD
- 10+ years of internal audit experience, preferably with a large financial institution, or Big 4 assurance experience.
- Demonstrated experience managing audits within a complex operational and regulatory environment that includes mainframe, distributed and network technology platforms.
- Demonstrated ability to plan and execute IT audits focusing on General Computer Controls, including Information Security, Information System Operations, Vendor Management, Business Continuity, Networks, Database, System Software, Hardware, and Application Development controls.
- Strong supervisory and time management skills.
- Experience in managing a staff of diverse professionals.
- Experience evaluating controls associated with complex business processes.
- Excellent written and oral communication skills.
- 12-15 years of work experience with a Bachelor’s Degree or 8-10 years of experience with an Advanced Degree (e.g. Masters, MBA, JD, MD) or 6+ years of work experience with a PhD
- Bachelor's degree in accounting, computer science, management information systems, or related field.
- CIA, CPA, CISA, CISSP, Open FAIR, or other relevant professional certification highly desired.
- Extensive information security and network control audit knowledge, and experience with network footprinting and penetration testing tools would be highly regarded.
- Experience in the financial services industry and PCI-DSS knowledge.
- Experience using COBIT, NIST, FAIR, or other governance/security/risk management frameworks desirable.
This position is based in the Bay Area and does not provide relocation.
- Incumbent must make themselves available during core business hours as well as reasonable off-hour work.
- This position requires the incumbent to travel for work 10 - 25% of the time.
- This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, reach with hands and arms, and bend or lift up to 25 pounds.
Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.