Sr. IT Auditor / IT Audit Associate - Internal Audit Group
What we do:
The Internal Audit Function assists the Federal Reserve Bank of New York’s Board of Directors and senior management in the effective discharge of their fiduciary responsibilities by independently assessing the adequacy and effectiveness of the controls within Bank business areas over (1) financial reporting, (2) effectiveness and efficiency of operations, and (3) compliance with laws and regulations, as well as the adequacy of the Bank's risk management and governance processes. Audit also reviews significant Bank projects and initiatives and performs consulting services within the guidance of the Internal Audit profession. It adds value by providing objective, timely and relevant analyses, comments and recommendations through an integrated and risk-based auditing approach.
The Audit Function currently has an opening for a senior IT auditor. The ideal candidate will have a strong understanding of technology auditing concepts with experience in audits of IT processes (such as information security, application development, IT governance) and IT infrastructure (databases, networks, and operating systems). Additionally, knowledge and experience in auditing complex technology projects is desirable. Responsibilities for this role will include functioning as auditor in charge and leading audit teams of 3-5 auditors as well as participating as a team member in audits led by other leads.
This role provides exposure to multiple business units across the Bank and the selected candidate will actively partner with senior stakeholders to facilitate their respective audit plans. The skill set and senior-level relationships developed in the role provide opportunity for advancement and upward mobility within the audit department. Your role as a Sr. IT Auditor / IT Audit Associate:
Qualifications: What we are looking for:
- Lead and/or participate in technology audits, technology project reviews, and technology audit work in audits of business processes (integrated audits), to identify and evaluate key operational risks and related controls.
- Engage with the Bank’s stakeholders to stay informed of changes and new initiatives within the business and technology areas and sharing audit perspectives relating to risk identification and mitigation
- Develop new audit techniques, revise existing procedures and perform risk analyses of areas in order to determine the frequency of audits.
- Identify and analyze complex issues, problems and improvement opportunities and develop conclusions and recommendations.
- Verify or review audit evidence, prepare audit plans, workpapers, findings, status reports and audit report.
- Communicate audit results to Audit supervision and senior management and client area management.
- Perform or lead follow-up reviews to ensure that appropriate corrective actions have been implemented by client management.
- Assist in training and developing junior auditors.
- Perform related duties as required.
- Maintain effective working relationships with assigned business area(s)
This position requires access to Federal Open Market Committee Data, which is limited to "Protected Individuals" as defined in the U.S. federal immigration law. Protected Individuals include, but are not limited to, U.S. citizens, U.S. nationals, U.S. permanent residents who are not yet eligible to apply for naturalization and U.S. permanent residents who have applied for naturalization within six months of being eligible to do so. Furthermore, this position has additional screening requirements due to the information accessed while performing the job. These additional screenings would be initiated at the time of offer acceptance and can take a couple of months to be completed. You can begin work before the screening is completed; however, continued employment is contingent on acceptable screening results. The screening areas such as education/employment verification, criminal history, credit history, and reaches out to your references and people that know you well. The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service.
- Bachelor’s Degree in a related field, IT concentration highly desirable; Master’s Degree preferred
- 5 years of risk-focused internal audit experience, with strong ability to understand and review both financial and automated risks and controls within business processes in an integrated fashion
- Professional designation in, or ability to begin or complete a program to achieve, one or more of the following certifications within 180 days:
- Certified Internal Auditor (CIA)
- Certified Information Systems Auditor (CISA)
- Certified Public Accountant (CPA)
- Certified Information Systems Security Professional (CISSP)
- Project Management Professional (PMP)
- Demonstrated strong analytical skills, including ability to analyze business and financial activities, understand and describe process flows, strengths and weaknesses, and develop creative solutions to improve efficiency and effectiveness
- Proficiency in PC applications, with demonstrated ability to develop and apply spreadsheets, database and research tools and graphic presentations.
- Strong experience in technology auditing to include applications development, technology infrastructure (such as databases, operating systems, networks), information security, change management and business continuity planning & disaster recovery
- Knowledge and experience in performing audits of technology projects and programs (SDLC reviews)
- Strong knowledge of technology risk management principles and an understanding of relevant standards like COBIT, ITIL, ISO 27001 and NIST Cybersecurity Framework.
- Strong knowledge of risk management principles
- Experience with IT concepts, business applications and related controls.
- Proven ability to design and execute audit plans, procedures and testing for control compliance and core operational / financial audits.
- Experience assessing the adequacy of the internal control environments through the identification of inherent risks in the business and key controls designed to mitigate those risks
- Proven experience working cooperatively in a team environment with the ability to build collaborative relationships.