• Execute and at times manage execution of audit work
• Contribute to maintenance and risk assessment of the audit universe and audit coverage strategy
• Perform continuous monitoring of relevant areas in the business
• Monitor, follow-up on and assess the resolution of audit issues
• Contribute to the audit opinion
• Contribute to evaluating the enterprise risk framework, policies and standards
• Contribute to evaluating the management control approach and control environment of relevant business areas
Stakeholder Management and Leadership
• Build trusting and open relationships with clients on each audit and develop ongoing relationships with key clients in aligned business area.
• Develop a wide network of contacts across IA and the business to identify and work towards common goals.
• Understand the needs of client/customer and make decisions using this knowledge.
• Discuss and agree the factual accuracy of audit observations with clients/Vice President/Director as appropriate.
• Be comfortable to challenge others; be prepared to be challenged.
• Act as buddy to less experienced team members and support others to develop.
• Share knowledge with IA colleagues and peers in the business. Be open to learn from others through feedback given to you.
Decision-making and Problem Solving
• Support the Audit Owner in scoping the audit
• Identify, assess, and document risks & controls
• Complete controls testing - evaluate the design and operating effectiveness of controls & document this understanding in the IA audit toolkit.
• Contribute to management of audit coverage for assigned areas of the business, including proposing audit and continuous monitoring work, and contributing to maintaining the IA opinion of control environment and management control approach.
• Update the Audit Owner and audit team with progress and observations.
• Write high quality audit observations and support the Audit Owner in writing the report
• Provide suggestions to management for actions to address control issues identified
• Proactively take on additional tasks as requested by Vice Presidents/Directors/Managing Directors
• Suggest practical ways of improving the work they do and apply where appropriate
Risk and Control Objective
Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Policies and Policy Standards.
Essential Skills/Basic Qualifications:
• Bachelor’s degree
• 5+ years’ experience in risk based auditing or risk/control activities within one or more of the following areas:
o Exposure to and background knowledge of Enterprise Architecture Reference Models, system development methodology (e.g. Lean, Agile, DevOps), development tools (e.g. collaboration, source code, etc.).
o Exposure to and background knowledge of Innovation governance, industry key trends, both internally and externally.
o Programme / project delivery experience or exposure to auditing major programmes and projects.
o Technical experience (operational or within an audit /control function) covering Infrastructure. With experience in one or more of the following areas: ITIL service management processes, Unix/Linux, Windows, databases, networks, mainframe, midrange, middleware, cloud, storage or data centres.
o Exposure to and usage of data analysis tools to support audit /control work or as part of operational leadership
• 5+ years experience demonstrating a proven track record of high performance in previous roles, including:
o 3+ years experience of working in or auditing financial services environment and an understanding of relevant regulatory environment.
o 3+ years experience of development and execution of testing strategies to assess control environments as part of an internal or external audit role/function, or as part of a risk management function.
Desirable skills/Preferred Qualifications:
• Relevant professional qualifications (e.g. CISA, CISM, CISSP, CRISC or other relevant technical qualification; and graduate degree).
• Financial services industry business process knowledge.
• Practical understanding of relevant regulatory environment and working with regulators (e.g. FRBNY, FDIC, SEC, NY DFS, PRA, FCA, etc.).
• Knowledge about new and emerging technology and IT services including cloud (e.g. Amazon Web Services, Office 365, ‘Big Data’, etc.)
• Proven track record of high performance in previous roles.
• Strong oral and written communication skills
• Practical understanding of relevant regulatory environment