Are you looking for a position that will leverage and grow your technology skills, expand your knowledge of the financial services business, and give you the opportunity to problem solve with some of the best minds in the financial services and technology industries?
About Corporate Audit
Corporate Audit provides independent and objective audit and advisory services that help manage risk, improve customer service, and enhance business performance.
This mission is accomplished through:
- Assessing the adequacy and effectiveness of controls, risk management, compliance and governance processes
- Reporting on issues and solutions that improve our control environment
- Responding to change with a sense of urgency through continuous risk assessment and resource allocation
- Providing audit advisory services on new and changing products and systems
- Developing talented professionals for audit and leadership positions
Our primary motivation is to drive positive change throughout the firm. The Information Technology Audit group is responsible for providing the specialized IT audit skills required to assess and evaluate controls over our corporate-wide systems infrastructure environment and system development efforts in support of our businesses.
The Technology Audit Senior Analyst is responsible for evaluating risks (technology, financial, reputational, and regulatory), testing controls designed to mitigate risk, communicating issues and findings to management, devising solutions for business improvements, and following-up on corrective actions. The Technology Audit Senior Analyst will need to work effectively in a team setting and is expected to:
- Plan and execute multiple concurrent IT audits, including reviews of cyber security, existing production applications, systems currently being developed, technology infrastructure and specialized or emerging technologies.
- Identify and assess complex risks (both business and technological) and to provide advice to management regarding mitigation of these risks.
- Assess the controls over application processes, physical and logical security; systems acquisition and development; system and network infrastructure; system architecture; change management; computer operations; and production support.
- Identify and address systemic control and efficiency issues. Develop data analysis and apply leading edge and other automated tools to provide management with proper context of potential exposure and loss of business due to control weaknesses.
- Develop an ongoing “trusted advisor” relationship with audit clients and Internal Audit business unit colleagues to ensure timely and consistent controls advice.
- Solid understanding of technology best practices for application systems development and infrastructure support (operating systems, network and computer operations, production support, and information security).
- Experience with highly complex and integrated processing environments.
- Proven analytical skills.
- Knowledge and experience with internal controls, risk assessment strategies, audit techniques, data mining, and project management.
- Some understanding of the laws and regulations associated with SEC, FINRA, DoL, and ERISA regulated entities and the use of technology controls to meet these requirements.
- Understanding of the risks associated with current and emerging technologies and the standards and controls being developed to mitigate those risks.
- Strong team player willing to collaborate with highly skilled people on multiple levels.
- Strong oral and written communication skills.
- Ability to work on multiple tasks and manage team priorities and workload.
- Team player who takes initiative and works constructively with other senior leaders to achieve goals.
- Hands-on work style and “can do” attitude with a strong desire to make things happen.
Desired Skills and Experience
Education and Experience
- BA/BS in Technology, Finance, Accounting or related field of study.
- Professional audit or information security certifications preferred (CIA, CPA, CISA, CISSP, SANS GIAC, etc.).
- Typically two to five years of experience in technology audit, information security, systems engineering, or related fields.
Skills and Knowledge
- Demonstrated technical abilities across a wide range of topics including:
- operating systems (z/OS, UNIX, Linux, Windows)
- networking (firewalls, TCP/IP, Active Directory)
- cyber security operations (penetration testing, incident response, virus/malware analysis, secure code analysis)
- messaging and directory systems (Exchange, Sendmail, LDAP)
- database management systems (Oracle, DB2)
- web application (.Net, XML)
- software tools (Java, VB, ASP)
- Some knowledge of financial services and/or relevant technologies supporting regulatory, brokerage, transfer agency, financial statements.
Contact A Stan Hamlet Associate: 212-685-4884