Manager, IT Audit
In this position, you will be responsible for developing, managing, conducting and reviewing IT audits, integrated IT/operations audits, Sarbanes-Oxley testing, and special projects as assigned. You will develop and rely on a deep understanding of the company’s operations, operating environment and the retail industry and use this knowledge to evaluate and advise the business regarding IT systems, processes and controls. You will be responsible for managing audits and delivering recommendations that add value to and improve the efficiency of the company’s operations.
The Manager, Information Technology Internal Audit has management responsibility over the IT internal audit team. This includes the interviewing, hiring, training and appraising performance of associates; planning, assigning, and managing work; and addressing complaints and resolving problems.
- Develop, plan, manage, and perform risk-based IT focused and integrated internal audits to assess the effectiveness and efficiency of company operations, processes, systems.
- Lead the efforts of the IT internal audit team to develop and execute design and operational effectiveness testing of key SOX controls.
- Foster a collaborative atmosphere within the Internal Audit team and promote cross training between IT, financial/operational (FINOPS) and Field Internal Audit.
- Maintain effective business relationships with appropriate levels of management throughout the organization to ensure that Internal Audit is aware of changes in business activities and objectives.
- Prepare and communicate to business management professionally crafted audit findings and opportunities for process improvement that are appropriately tailored to the company’s needs, values and operating environment.
- Perform special projects of varying complexity and business focus as directed by Internal Audit Management.
- Assist the external auditors, as applicable.
- Develop and enhance the professional capabilities of the IT internal audit team through the effective use of coaching, mentoring and on-the-job training.
- Develop and maintain knowledge expert knowledge of the company, its operations, and the retail industry overall.
- Maintain current knowledge of emerging professional auditing standards, relevant regulatory initiatives, industry trends and threats, and advancements in information technology used in business.
Education / Experience
- Bachelor’s degree in Information Systems, Business Administration, or another relevant analytical field.
- Minimum of 4 years’ experience in IT audit, information security, and/or relevant compliance functions.
- Working knowledge of IT audit and internal audit concepts.
- Demonstrated experience with internal control frameworks, professional audit standards, IT security and trust models, and guidelines (e.g. COSO, COBIT).
- Experience developing, documenting, and performing a full audit program to completion.
- In depth understanding of technologies, IT general and application-specific controls including those related to OS, database, network, security, and GRC.
- Ability to work effectively with all levels of management (technical and non-technical) and other colleagues, demonstrating strong initiative, mature judgment, professionalism, adaptability, and a customer service orientation.
- Must possess a “can-do” attitude with excellent verbal and written communication skills.
- Effective planning, organization, and time management skills.
- Ability to work independently, productively and follow through on all responsibilities to bring projects to a successful conclusion.
- One or more of the following certifications:
- Certified Information Systems Auditor (CISA)
- Certified Internal Auditor (CIA)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Certified Public Accountant (CPA)
- Big 4 experience desired.