IT Internal Auditor-Technology

Technologies we use

About the project

Your responsibilities

• Independently validate the design and operational effectiveness of IT General Controls and Cloud controls
• Perform control procedure and documentation reviews including conducting interviews to clarify processes, data flows and architectures
• Prepare test scripts
• Perform root cause and impact analysis and provide management with recommendations to resolve issued findings.
• Advise business partners on IT findings, risks and control weaknesses.
• Validate findings post remediation
• Use knowledge of the current IT environment and industry IT trends to help identify and anticipate potential issues that may impact the banks risk landscape
• Design and assist in building continuous monitoring/reporting to improve efficiency an awareness of control testing activities
• Provide technical assistance on audit techniques
• Maintain an understanding of the cybersecurity footprint, platform architecture, cloud infrastructure, data governance and privacy compliance, general computing control structure of the Company (systems and architecture) and be able to apply that knowledge to how it supports the processes and procedures being reviewed
• Develop and maintain strong and effective working relationships with key business partners
• Proactively engage and follow up to ensure deliverables are met, and identified gaps have been communicated

Our requirements

• 6+ years work experience in technology audit and ITGC Testing
• Working knowledge and experience in python, JSON and SQL
• Experience in auditing IT cloud operations, network, infrastructure, and security preferably related to Amazon Web Services and Azure
• Experience in IT security and IT governance risk and compliance
• Strong understanding of cybersecurity processes and concepts (e.g. vulnerability management, security governance, software development, incident response, physical security, auditing and logging, micro segmentation, secure access service edges, zero trust architecture, PKI, penetration testing) as well as application controls
• Experience in auditing, compliance, and/or risk FFIEC, GLBA, GDPR and PCI
• Working knowledge and experience with professional standards including CCM, NIST CSF, COSO and COBIT
• Excellent listening and communication skills in both written and verbal forms; previous experience in writing internal audit reports, preferred
• Strong analytical, interpersonal and communication skills
• Current certifications, such as CISA or CISSP
• Demonstrate and apply a thorough understanding of complex information systems.
• Demonstrate and apply strong project management, time management and organizational skills
• Must possess an understanding of Information Security policies and standards, and have a working knowledge of Business Continuity Programs, electronic banking software and applications, Cloud computing, Cybersecurity Regulatory Framework, and Vendor Management practices
• Must be proficient using Microsoft Office software
• Ability to operate independently and perform quality work within the scheduled timeframe.

What we offer

• This role requires working from a U.S. Bank location three (3) or more days per week.

Benefits

Working hours