Senior Manager - Internal Audit (10-12 yrs)

Senior Manager Internal Audit

Summary:

Responsible for planning, executing, and reporting on audits related to the organization's IT systems, cyber security frameworks, and digital assets.

Responsibilities:

- Audit Planning and Execution: Develop and implement a comprehensive audit plan covering IT infrastructure, applications, cyber security controls, data governance, and digital asset management. Oversee the execution of audits, ensuring adherence to professional standards and methodologies (e.g., COBIT, NIST, ISO 27001).

- Cyber security Audits: Lead audits of cyber security frameworks, including vulnerability management, penetration testing, incident response, data loss prevention, and security awareness training. Assess the effectiveness of security controls in mitigating cyber threats.

- IT Systems Audits: Manage audits of IT infrastructure, including networks, servers, databases, cloud environments, and applications. Evaluate the effectiveness of IT controls related to change management, access control, system development life cycle, and disaster recovery.

- Digital Asset Audits: Oversee audits related to the organization's digital assets, which may include cryptocurrencies, blockchain technologies, NFTs, and other emerging digital technologies. Assess the risks associated with these assets and evaluate the effectiveness of controls for their custody, management, and valuation.

- Regulatory Compliance: Ensure audits are conducted in accordance with relevant regulatory requirements, such as SOX, GDPR, HIPAA, and industry-specific regulations. Stay abreast of changes in regulations and adapt audit procedures accordingly.

- Risk Assessment: Conduct risk assessments to identify key IT and cyber security risks and prioritize audit activities accordingly. Monitor the evolving threat landscape and its potential impact on the organization.

- Reporting and Communication: Prepare clear and concise audit reports summarizing findings, conclusions, and recommendations. Communicate audit results to management and the audit committee. Track the implementation of management's corrective actions.

- Team Management: Lead and mentor a team of IT auditors, providing guidance, training, and performance evaluations. Foster a culture of continuous improvement within the audit team.

- Stakeholder Collaboration: Collaborate with IT management, cyber security teams, and other stakeholders to understand business processes, identify risks, and provide value-added recommendations.

- Continuous Improvement: Stay current with industry best practices, emerging technologies, and audit methodologies. Identify opportunities to improve the efficiency and effectiveness of the internal audit function.

Qualifications:

- Bachelor's degree in Information Technology, Computer Science, Accounting, or a related field. Master's degree preferred.

- Professional certifications such as CISA, CISSP, CISM, CRISC, or CIA are required.

- 10-12 years of experience in IT audit, cyber security audit, or a related field, with at least 5 years in a management role.

- Deep understanding of IT infrastructure, cyber security frameworks, and digital asset technologies.

- Strong knowledge of audit methodologies, risk assessment techniques, and regulatory requirements.

- Excellent communication, interpersonal, and presentation skills.

- Proven ability to lead and manage teams.

- Experience with data analytics and audit software is a plus.

Key Competencies:

- Technical Expertise (IT, Cyber security, Digital Assets)

- Risk Management

- Audit Methodology

- Regulatory Compliance

- Leadership and Team Management

- Communication and Interpersonal Skills

- Problem-Solving and Analytical Skills

- Strategic Thinking