Broadgate are working closely with a mid-sized bank to hire a VP, IT Audit Manager. The candidate will lead and execute audits across various facets of information technology, including IT general controls, application controls, IT processes, project management, and data integrity. You'll utilize established information technology control frameworks such as NIST CSF, ITIL, COBIT, and FFIEC, or other pertinent regulatory guidance (e.g., NYSDFS 500, GLBA, etc.) as applicable.
- Develop risk-based audit programs and execute audit plans, aligning with current regulatory requirements (e.g., FFIEC, NYSDFS 500, GLBA) and emerging risks.
- Actively contribute to updating auditable entity risk assessments, supporting the audit plan's development, and considering IT audit standards and frameworks (e.g., ITIL, COBIT, FFIEC, ISO 17799, ISO/IEC 27002), data security and privacy regulations, emerging regulatory trends, and industry best practices.
- Stay abreast of industry IT trends, identify potential issues and risks, and incorporate changes into audit planning and risk assessments.
- Conduct comprehensive IT audits, identify risks, assess mitigating controls, pinpoint root causes, and provide value-added recommendations for enhancing the control environment through detailed audit reports.
- Leverage system and data knowledge to perform and document reviews in accordance with professional standards, including audit procedures, findings, and results. Follow up on open audit issues, validate their resolution, and ensure remediation evidence aligns with risk mitigation.
- Foster strong collaborative relationships with stakeholders, serving as a trusted advisor on risk and control matters while maintaining objectivity and independence in both perception and reality.
- Participate in department-wide initiatives and handle other assigned duties as necessary.
- 7 - 9 years of information technology audit experience in financial services or a public accounting firm.
- Proven experience leading all facets of the audit lifecycle, including planning, risk assessment, scoping, detailed testing, reporting, issue follow-up, and validation.
- Strong project and time management skills, balancing competing priorities effectively, and consistently delivering work on time and within budget.
- Bachelor's degree in Information Technology, Business, Accounting, Finance, or a related field.
- Proficiency in one or more information technology risk and control areas, encompassing logical and physical security, system development lifecycle, change management, IT operations, business continuity management, and IT infrastructure.
- Familiarity with relevant industry frameworks and regulatory guidance (e.g., COBIT, ITIL, NIST, FFIEC, ISO 27002) and applicable banking regulations.
- Demonstrated ability to adapt swiftly to changing demands, acquire in-depth knowledge of new audit areas, and effectively communicate findings.
- Excellent verbal and written communication skills, with the ability to interact professionally with all levels of management.
- Proficiency in using appropriate tools to enhance the audit process.
- Certified Information Systems Auditor (CISA)
- Relevant certifications in the information technology field such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Privacy Professional (CIPP), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM).
For more information about this role, or to set up a call, please apply, or email