RESPONSIBILITIES AND QUALIFICATIONS
Duties: Vice President with Company in New York, NY. Plan, budget, scope, lead and execute risk-focused and regulatory required reviews of technology systems and processes within the Platform Technology Business Unit of the Technology Division. Identify risks associated with technology implementations, technology governance, privilege management, change management (including SDLC), data completeness and integrity, and cybersecurity controls. Lead multiple audits executed concurrently within Platform Technology areas to validate the design and execution of key controls utilizing various techniques, including data analysis, code inspection, control re-performance and observation, and technology controls adequacy interviews, which includes overseeing the work of small teams of auditors on a project by project basis. Communicate scope, progress and results of audit reviews to internal technology and business stakeholders. Document audit testing and results in a clear and concise manner and in line with the firm’s and industry standards for internal audit. Coordinate and advise business unit technology auditors across the department on integrated audits that relate to Platform Technology systems used to deliver business unit applications. Validate that management actions to reduce identified risks are implemented. Validate quality of Sarbanes-Oxley ("SOX") and Risk Control Self Assessments (RCSA) of technology areas/processes within Platform Technology. Perform continuous monitoring and develop/maintain an in-depth understanding of technology areas/processes within Platform Technology. Participate in internal initiatives and committees to enhance audit methodologies in order to improve effectiveness, efficiency and consistency. Provide input on key systems, risks and controls to be reviewed as part of annual audit planning cycle.
Job Requirements: Bachelor’s degree (U.S. or foreign equivalent) in Computer Science, Information Systems, Information Security or related field. Five (5) years of experience in the job offered or in a related Information Technology (IT) Auditing, Technology, or IT Project Management position. Prior work experience must include five (5) years with: utilizing process design and analysis techniques, including data analysis tools such as Microsoft Excel and Microsoft Access; developing knowledge of technology strategies, including knowledge of firm policies and procedures, technology and regulatory environment; collaborating with other firm stakeholders to identify, document and communicate risks associated with various technologies; preparing effective, clear and concise reports, including discussions of risks associated with various technologies, and presenting to senior stakeholders using standard productivity tooling such as Microsoft Word and Microsoft Powerpoint; and developing knowledge of vendor management processes. Prior work experience must include four (4) years with: developing knowledge of risks across the following types of technologies: Networks, Operating Systems (including Linux or Windows), Database Management Systems (including MS SQL Server or Sybase) and mobile device platforms; and assessing Information Security risks, including logical access controls, logging and monitoring, and data loss protection. Travel required 5 – 10% of time.