Auditors work independently on audits and/or on tasks delegated to them within the scope for audits for a specific business/functional area/region and may sometimes work on multiple audits at the same time. They will evaluate the adequacy and effectiveness of internal controls relating to the risks within those business areas, working under moderate supervision, e.g. in complex situations.
They will proactively develop and maintain professional consultative working relationships within their own function and with stakeholders inside the bank and respective support areas. They will use a range of approaches to collect relevant information to assess key risks, resolve issues or carry out tasks.
Auditors work in a co-operative manner with subject matter experts and other teams from across the function and outside the function to provide ‘front-to-back’ audit coverage.
They may occasionally participate in ad-hoc projects.
Additional Job Description
Details of the role and how it fits into the team:
- You will be responsible for auditing the Bank’s infrastructure technology mainly with regards to IT General Controls (ITGC) e.g. Change Management, Identity and Access Management, Security Logging and Monitoring, Physical Security, etc.
- You will be involved in the planning, preparation, coordination and execution of audits to evaluate the adequacy and effectiveness of technology controls within the Bank’s technology departments.
- You will undertake audit assignments, draft and consolidate audit reports as well as tracking and closing audit findings.
- Work closely with colleagues in New York, Jacksonville, London, Frankfurt, Singapore, and Shanghai.
- Plan, prepare, coordinate and execute audits to evaluate the adequacy and effectiveness of IT infrastructure technology controls in accordance with Group Audit’s Methodology.
- Contribute to Continuous Monitoring and overall implementation of Group Audit Methodology.
- Undertake audit assignments, draft and consolidate audit reports for review by audit management and facilitate finding tracking and validate closure of findings.
- Participate in ad hoc projects and special inquiries.
Your skills and experiences:
- University degree in computer science, mathematics, engineering or a related scientific degree. Certifications as CISA, CISM, CISSP or equivalent qualification in the areas of information security, project management or process-/quality management would be an advantage.
- Experience in IT Audit, IT risk management or information security. Demonstrable experience in one or more of the following disciplines: IT infrastructure, IT production, IT operation such as system administrator, database administrator, operator in a data center or software development for IT infrastructure applications.
- Very good written/verbal communication skills and the ability to communicate effectively in conflicts and at all management levels. Language skills beyond English are not a requirement, but are generally useful.
- Flexibility, pro-active, self-sufficient and innovative with strong organizational skills to take ownership and responsibility of agreed targets and meet them within budget to enable a timely and efficient completion of audit projects.