Associate (IT Auditor)

Associate (IT Auditor) – NYC (Visa Sponsorship Available) – Major Global Bank

The incumbent will be responsible for assisting to conduct Audit Data Analysis through on-site and off-site audit. S/He will also be responsible for conducting periodic data analysis for on-site and off-site audit projects and developing suitable models for data analysis.

We are looking for candidates who have min of Bachelor’s degree in business/statistics/computer science related fields. S/He should have minimum of 1 year of working experience.

Bilingual ability in Mandarin required.

 

Contact Lindsay Raider: 212.685.4884

Advertisements

Senior Technology Aligned Risk Manager – Associate Director

Senior Technology Aligned Risk Manager – Associate Director – up to 200k – Global Investment Bank

Summary: We are seeking a Senior Technology Risk Manager to help manage our technology risk management function for the Americas region. The role provides a great opportunity to work closely with the Technology Management teams, Business Operational Risk Management teams and interfaces across several technology teams in the bank. We are seeking someone who can help drive and embed our Operational Risk Framework, including Risk Mitigation & Control Improvement, as well as providing strategic risk leadership across our technology projects and teams

Description:

The Corporate Operations Group (COG) brings together specialist support services including workplace, human resources, market operations and technology. COG’s purpose is to drive operational excellence through business-aligned services with a focus on quality, cost and risk. COG comprises the following divisions: Business Improvement and Strategy, Business Services, Human Resources, Market Operations, and Technology.

About The Role

We are seeking a Senior Technology Risk Manager to help manage our technology risk management function for the Americas region.  The role provides a great opportunity to work closely with the Technology Management teams, Business Operational Risk Management teams and interfaces across several technology teams in the bank.  We are seeking someone who can help drive and embed our Operational Risk Framework, including Risk Mitigation & Control Improvement, as well as providing strategic risk leadership across our technology projects and teams.

Key responsibilities:

The Senior Technology Risk Manager is responsible for assisting management to discharge their IT risk management responsibilities and act as their representative on Technology risk matters, including the following:

  • Leadership of a technology risk function for the Americas
  • Ongoing Operational Risk Management as it relates to Technology:

o             Execution and monitoring of risk management practices, operational issues and control breakdowns

o             Collation, analysis and reporting of a variety of risk information on a routine and exception basis

o             Review and implement Group-wide and Divisional policies and procedures

o             Training and risk mindset initiatives

o             Collaboration with central Risk Management group (eg. Compliance) to enable good Risk Management

  • Key elements of the framework to support:

o             Facilitate Operational Risk Self Assessments (ORSA)

o             Assurance of the critical controls in Technology

o             Incident recording, reporting and analysis, action management, escalation

o             Conducting operational risk workshops and training

o             Liaising with internal and external audit

o             Regular meetings with stakeholders to discuss risk items

  • Reviewing new business approvals and proposals

About You

To be successful in this role as a Senior Technology Risk Manager you will be degree qualified and have previous Technology Risk Management experience. Ideally you would have worked in the financial services industry and are a proactive operator with an ability to work independently as well as part of a cohesive team of technology risk professionals.

In addition to this you will have:

Business Knowledge:

  • Bring proven leadership experience in technology operational risk management
  • Understand and be comfortable operating in a segregated support area
  • Able to problem solve and drive issues through to completion
  • Display a professional work approach, work independently, be highly visible and provide transparency of process to clients and the team

Leadership Skills:

  • Ability to exercise initiative and be able to follow through on issues with minimal supervision
  • Independence of mind and ability to escalate issues where appropriate

Interpersonal Skills:

  • Possess strong interpersonal and communication skills and display initiative to lead discussions with operational staff at all levels, business leaders and risk management colleagues
  • Ability to make high level judgments and work closely with peers/ senior management
  • Ability to manage/ execute tasks within set timeframes

Technical Specialist Skills:

  • Detailed knowledge of control processes and best practice in IT controls
  • Excellent understanding of risk management frameworks and relevant certifications (CISA/CRISC)
  • Ability to write/ present clear and concise reports
  • Ability to identify and analyse risks and develop effective and efficient strategies to manage risks

Planning and Organising:

  • Ability to prioritise and manage multiple and competing deadlines

Contact A Stan Hamlet Associate: 212.685.4884

IT Auditors (All Levels) Big 4 Public Accounting Firm

IT Auditors –

Senior associate (must be at least senior associate level to be considered)

Manager levels – (80-100k) 

Managers (110-140k) 

Leveraging industry and technical expertise to assist management to address more effectively risks associated with their business

Assisting management in the assessment of project risks and controls

Enhancing internal audit functions to further align to company strategy and risk

Reducing company costs through strategic internal audit outsourcing and co-sourcing solutions

Increasing value and reducing costs of compliance-related activities

Identifying opportunities for companies to effectively mitigate risk and improve business performance

Applying the concepts of Enterprise Risk Management to help companies identify, assess, mitigate and proactively consider emerging risks

The Specialty Area Of Process Assurance Provides Services Related To Controls Around The Financial Reporting, Compliance And Operational Processes, Including Business Process And IT Management Controls. Our Team Members Provide Multiple Services Including

Controls design, optimization and assurance services over finance, compliance and operational processes

Controls design and optimization services associated with system implementations and upgrades

Technical IT controls reviews, including database, operating system, data warehouse and reporting tools

Third party assurance and other opinion services

IT risk and control audit readiness services in support of regulatory compliance audits

Audit support services (application and IT general controls) for external audit engagements, including engagements under SoX requirements

Minimum Degree Required: Bachelor’s degree in one of the following: Accounting,  Finance/Economics, Management  Information Systems,  Computer Science, Business, Science, Technology, Engineering & Mathematics and/or a business field of study.

Certification(s) Required:  CISA

Demonstrates Extensive Knowledge Of Providing Services Related To Controls Around The Financial Reporting, Compliance And Operational Processes, Including Business Process And IT Management Controls, Which Includes a Proven Record Of Success With Managing The Following

Financial reporting and information technology risks, processes and controls;

Current and emerging technologies which may include: Oracle, SAP, Oracle Database, web development tools, virtualization, UNIX, Linux, and security technologies;

Core risks, processes and internal controls related to non-financial reporting, both manual and IT;

Risks, processes and controls related to financial reporting, both manual and IT, in a specific industry sector;

COSO Framework, CoBIT, ITIL and/or other leading business and IT control frameworks;

Relevant subject matter expertise to support the development of thought leadership;

Key internal operational processes of a professional services firm, e.g., engagement economics, billing and collection, performance appraisals, time reporting, personal independence and compliance requirement.

Contact A Stan Hamlet Associate: 212.685.4884

IT Audit Manager

Primary Job Responsibilities:

  1. SOX 404 Testing (IT)
  • Provide oversight of the Sarbanes-Oxley Program (IT)
  • Assist in the completion of Sarbanes-Oxley independent testing of financial controls
  • Coordinate, participate and document walkthroughs of major Company IT processes
  • Coordinate, plan and complete testing of internal controls
  • Develop and maintain strong working relationships with Process Owners
  • Identify all significant control weaknesses.
  • Draft and present findings and recommendations to Internal Audit management and audit clients.
  • Make suggestions for improvements to internal controls and control environment.

 

  1. IT Auditing
  • Provide management oversight of scheduled audits, IT pre-implementations and/or special projects
  • Quickly learn new business processes, company operations and activities and determine areas of greatest risk.
  • Acquire an understanding of corporate policies and procedures and the functional business disciplines being reviewed to ensure that audit procedures are appropriate, timely, and effective.
  • Responsible for determining scope and areas to be reviewed based on risk analysis.
  • Develop in-depth understanding of risks and controls related to assigned audit areas.
  • Perform reviews utilizing established guidelines to analyze the adequacy of internal controls and compliance with corporate procedures.
  • Perform audit test procedures and identify and communicate issues on a timely basis.
  • Prepare and/or review detailed audit documentation and working papers for assigned areas in accordance with internal audit policies, standards and guidelines.
  • Prepare and/or review detailed written observation memos and audit reports that include value-add audit recommendations
  • Develop positive working relationships and alignment with audit clients during the planning, execution and reporting phases of the audit
  • Share knowledge and seek assistance appropriately.
  • Prepare and communicate status of audit work with Vice President and engagement team members relative to milestones, open issues, and interactions with the internal clients.

Experience / Knowledge

  • Bachelors degree
  • Professional designation completed or in progress (CPA, CIA, CISA, CISSP, PMP)
  • Strong knowledge of US GAAP
  • Strong knowledge of audit methodology and techniques
  • Knowledge of Oracle Financials a plus
  • Prior External and / or Internal Audit experience
  • Ability to travel domestically (~20%)
  • Strong English language – verbal and written communication skills
  • Proficiency in Spanish language a plus – verbal and written communication skills
  • Ability to work with initiative, minimal supervision and meet prescribed deadlines
  • Strong interpersonal skills
  • Media experience a plus

Skills & Capabilities

  • Be a highly effective communicator with the ability to interact with Internal Audit stakeholders at all levels.
  • Develop their internal and external networks and be highly effective at creating lasting relationships with their team members, peers and business stakeholders.
  • Demonstrate strong business acumen by being attuned to Univision’s strategy, business environment and emerging trends and issues.
  • Be able to effectively leverage technology to improve operational effectiveness and efficiency.
  • Be a leader who will have the ability to build consensus and articulate a persuasive point of view.
  • Be nimble and agile, with the ability to audit strategic initiatives and change programs.
  • Be risk aware and have an intimate understanding of risk management practices within the organization, our industry and profession.
  • Be client service delivery focused and an innovative, critical thinker with the ability to provide pragmatic solutions to complex business problems.
  • Be technically proficient and committed to continuous learning and professional development.
  • Be fraud aware, with the ability to build effective fraud detection procedures into audit projects and to collaborate with key stakeholders to develop comprehensive anti fraud programs for the organization.
  • Be innately curious with the drive and work ethic to probe and “to ask the next question” (professional skepticism)

Contact A Stan Hamlet Associate: 212.685.4884

Senior IT Audit – Jersey City, NJ (Financial Services)

Primary Responsibilities

The Technology Audit Senior Analyst is responsible for evaluating risks (technology, financial, reputational, and regulatory), testing controls designed to mitigate risk, communicating issues and findings to management, devising solutions for business improvements, and following-up on corrective actions.  The Technology Audit Senior Analyst will need to work effectively in a team setting and is expected to:

  • Plan and execute multiple concurrent IT audits, including reviews of cyber security, existing production applications, systems currently being developed, technology infrastructure and specialized or emerging technologies.
  • Identify and assess complex risks (both business and technological) and to provide advice to management regarding mitigation of these risks.
  • Assess the controls over application processes, physical and logical security; systems acquisition and development; system and network infrastructure; system architecture; change management; computer operations; and production support.
  • Identify and address systemic control and efficiency issues. Develop data analysis and apply leading edge and other automated tools to provide management with proper context of potential exposure and loss of business due to control weaknesses.
  • Develop an ongoing “trusted advisor” relationship with audit clients and Internal Audit business unit colleagues to ensure timely and consistent controls advice.

Requirements

  • Solid understanding of technology best practices for application systems development and infrastructure support (operating systems, network and computer operations, production support, and information security).
  • Experience with highly complex and integrated processing environments.
  • Proven analytical skills.
  • Knowledge and experience with internal controls, risk assessment strategies, audit techniques, data mining, and project management.
  • Some understanding of the laws and regulations associated with SEC, FINRA, DoL, and ERISA regulated entities and the use of technology controls to meet these requirements.
  • Understanding of the risks associated with current and emerging technologies and the standards and controls being developed to mitigate those risks.
  • Strong team player willing to collaborate with highly skilled people on multiple levels.
  • Strong oral and written communication skills.
  • Ability to work on multiple tasks and manage team priorities and workload.
  • Team player who takes initiative and works constructively with other senior leaders to achieve goals.
  • Hands-on work style and “can do” attitude with a strong desire to make things happen.

Education and Experience

  • BA/BS in Technology, Finance, Accounting or related field of study.
  • Professional audit or information security certifications preferred (CIA, CPA, CISA, CISSP, SANS GIAC, etc.).
  • Typically two to five years of experience in technology audit, information security, systems engineering, or related fields.

Skills and Knowledge

  • Demonstrated technical abilities across a wide range of topics including:
    • operating systems (z/OS, UNIX, Linux, Windows)
    • networking (firewalls, TCP/IP, Active Directory)
    • cyber security operations (penetration testing, incident response, virus/malware analysis, secure code analysis)
    • messaging and directory systems (Exchange, Sendmail, LDAP)
    • database management systems (Oracle, DB2)
    • web application (.Net, XML)
    • software tools (Java, VB, ASP)
  • Some knowledge of financial services and/or relevant technologies supporting regulatory, brokerage, transfer agency, financial statements.

Contact A Stan Hamlet Associate: 212-685-4884 

Director-IT Audit (Infrastructure) / $175K base plus bonus / Jersey City, NJ

Position Summary:
The Director will have overall responsibility for providing advisory and assurance services in one or more areas of the company. The Director will build and maintain strong and proactive relationships with senior managers, and ensure that we design and execute a risk focused and dynamic audit plan. The Director will have impact on the department and the company outside their given responsibilities. They inspire their teams’ performance and create a balanced sense of urgency. In this role, the incumbent will identify, assess and advise on risks for large-scale technology projects and completing pre and post implementation reviews.

Principal Responsibilities:
Strategic Control Impact
• The Director will influence the risk and control framework of the Company by:
o Influencing the risk and control framework of the company by identifying meaningful issues, and increase the velocity and sustainability of resolving those issues.
o Highlighting key control themes and driving wider solutions to those themes.
o Increasing the velocity and sustainability of the resolution of those issues.
o Establishing themselves as trusted advisors to the business.
o Establishing ongoing relationships with managers in the covered businesses and functions.
o Offering advice on risk and control.
Audit Execution
• Influence the planning of each audit to help ensure our work is risk focused..
• Involved in the most important or complex areas of an audit, and corporate governance.
• Complete the audit plan on time and on budget.
• Prepare and review high quality reports that are cleared within report issuance guidelines.
• Effectively communicate throughout the project life cycle.

Quality Process
• Maintain a strong knowledge of IAD’s policies and procedures.
• Works with IAD leadership and the Audit Practices team to improve policies and procedures.
• Demonstrate strong compliance with IAD’s policies and practices, as evidenced by good QA results and strong performance within standards and related metrics.

Individual & Team Development
• Attract, develop, and retain high quality individuals.
• Inspire others and set a good example of the behaviors for the team’s success.
Contribute to the department as a whole without being asked, and help their peers to be successful.

Desired Skills and Experience
Experience:
• Previous internal or external audit experience is helpful, but not required.
• The incumbent Director will benefit from having experience in information security, information technology risk, and infrastructure audit experience.
Knowledge and Skills Required:
The Leadership Model sets out the core behaviors required of all employees. The Director position is unique and may require the incumbent to have or build specific knowledge of the businesses, products, functions, and processes within his or her coverage responsibilities.
More broadly, the Director will typically demonstrate the following skills and behaviors:
• Good written and oral communication skills
• Strong analytical and problem solving skills
• Self-starter, with the ability to work independently and in teams
• A high degree of responsibility in balancing multiple commitments and meeting deadlines and commitments to stakeholders
• Knowledge of information security controls to mitigate cyber threats and vulnerabilities of data bases, applications and infrastructure
• Knowledge of COBIT, ISO 27001/27002, FFIEC Handbook standards, NIST Cyber Framework
• Strong technical acumen and understanding of multiple operating systems (Windows, Unix, Linux, Z/OS) and technical platforms (networks, firewalls, storage).
• Knowledge of various programming languages (e.g., C, C++, C#, Java, Cobol) and databases (e.g. Oracle, SQL Server, DB2, Sybase)
• Knowledge of firm’s products and services or equivalent financial services products

Education, Training and Certification:
• A bachelor’s degree is required.
Beneficial, but not required, are certifications related to the incumbent’s coverage responsibilities, such as Certified Public Accountant, Certified Fraud Examiner, Certified Internal Auditor, Certified Information Systems Auditor, Certified Information Systems Security Professional, Certified Financial Analyst, or Certified Anti-Money Laundering Specialist.

Contact A Stan Hamlet Associate: 212-685-4884 

IT Audit Manager – North Jersey

Reporting Structure: Reports to the Vice President, Internal Audit

Primary Job Responsibilities: 

  1. SOX 404 Testing (IT)
  • Provide oversight of the Sarbanes-Oxley Program (IT)
  • Assist in the completion of Sarbanes-Oxley independent testing of financial controls
  • Coordinate, participate and document walkthroughs of major Company IT processes
  • Coordinate, plan and complete testing of internal controls
  • Develop and maintain strong working relationships with Process Owners
  • Identify all significant control weaknesses.
  • Draft and present findings and recommendations to Internal Audit management and audit clients.
  • Make suggestions for improvements to internal controls and control environment.
  1. IT Auditing
  • Provide management oversight of scheduled audits, IT pre-implementations and/or special projects
  • Quickly learn new business processes, company operations and activities and determine areas of greatest risk.
  • Acquire an understanding of corporate policies and procedures and the functional business disciplines being reviewed to ensure that audit procedures are appropriate, timely, and effective.
  • Responsible for determining scope and areas to be reviewed based on risk analysis.
  • Develop in-depth understanding of risks and controls related to assigned audit areas.
  • Perform reviews utilizing established guidelines to analyze the adequacy of internal controls and compliance with corporate procedures.
  • Perform audit test procedures and identify and communicate issues on a timely basis.
  • Prepare and/or review detailed audit documentation and working papers for assigned areas in accordance with internal audit policies, standards and guidelines.
  • Prepare and/or review detailed written observation memos and audit reports that include value-add audit recommendations
  • Develop positive working relationships and alignment with audit clients during the planning, execution and reporting phases of the audit
  • Share knowledge and seek assistance appropriately.
  • Prepare and communicate status of audit work with Vice President and engagement team members relative to milestones, open issues, and interactions with the internal clients.

Experience / Knowledge

  • Bachelors degree
  • Professional designation completed or in progress (CPA, CIA, CISA, CISSP, PMP)
  • Strong knowledge of US GAAP
  • Strong knowledge of audit methodology and techniques
  • Knowledge of Oracle Financials a plus
  • Prior External and / or Internal Audit experience
  • Ability to travel domestically (~20%)
  • Strong English language – verbal and written communication skills
  • Proficiency in Spanish language a plus – verbal and written communication skills
  • Ability to work with initiative, minimal supervision and meet prescribed deadlines
  • Strong interpersonal skills
  • Media experience a plus

Skills & Capabilities

  • Be a highly effective communicator with the ability to interact with Internal Audit stakeholders at all levels.
  • Develop their internal and external networks and be highly effective at creating lasting relationships with their team members, peers and business stakeholders.
  • Demonstrate strong business acumen by being attuned to Univision’s strategy, business environment and emerging trends and issues.
  • Be able to effectively leverage technology to improve operational effectiveness and efficiency.
  • Be a leader who will have the ability to build consensus and articulate a persuasive point of view.
  • Be nimble and agile, with the ability to audit strategic initiatives and change programs.
  • Be risk aware and have an intimate understanding of risk management practices within the organization, our industry and profession.
  • Be client service delivery focused and an innovative, critical thinker with the ability to provide pragmatic solutions to complex business problems.
  • Be technically proficient and committed to continuous learning and professional development.
  • Be fraud aware, with the ability to build effective fraud detection procedures into audit projects and to collaborate with key stakeholders to develop comprehensive anti fraud programs for the organization.
  • Be innately curious with the drive and work ethic to probe and “to ask the next question” (professional skepticism)

Contact A Stan Hamlet Associate: 212-685-4884