• New York

  • $

    145,000 Per Year

  • Permanent

Reference: 23163


James Dappert
D: +1 646 766 1242
Address: 45 W 45th Street, 14th floor, New York, NY 10036, Tel: (+1) 646 766 1210
SMBC – IT Audit QA Manager
SMBC is seeking an IT Audit QA Manager within the Internal Audit Department’s (IAD) professional practice management team (PPM).
The PPM function sets the foundation in leading and managing a progressive internal audit department permeated with continuous improvement spirit and solid actions. The PPM function provides an open, unique career development platform for an ambitious candidate with innovative and inquisitive mindset.
The successful candidate will be provided with plenty of exciting opportunities to demonstrate and improve her/his technical skills, managerial capabilities, and leadership by covering multiple key tasks, including but not limited to:
IT Quality Assurance
• Conduct quality assurance (audit planning memo, report, workpaper reviews) during/after IT audits. Report the results of QA to the Head of PPM and other IAD Management members. Communicate with IAD staff about the QA results for future improvements.
• Review the results from annual risk assessment and continuous monitoring process, and provide value added inputs.
• Become a center of excellent related to IT audit practice and IT knowledge in general.
• Prepare IT QA reports with minimal supervision.
Methodology / Process Enhancements
• Active participation in creating and implementing various new methodology/frameworks within the department, such as risk assessment methodology, framework of annual audit plan, and continuous auditing methodology.
• Deliver effective training to the staff, obtain their feedback and continue to enhance the department’s methodology and process.
• Participation in preparing reporting materials to the Audit Committee and other management committees.
Data Analytics
• Work with other Data Analytics team members to further advance internal audit’s capability and capacity in data analysis. Provide innovative solutions and bring in cutting edge techniques to improve the depth and breadth of audit coverage, continuous monitoring and continuous auditing in an efficient manner.
Special Projects
• Assist the department through special projects to enhance various aspects of its execution in departmental operations and audits.
This position will require the individual to:
• Conduct Data Analytics, Quality Assurance (QA) of internal audit activities, and also to create and implement various new frameworks to enhance its internal audit activities of the department
• Conducting data analysis projects in support of individual audit engagement, continuous monitoring and continuous auditing
• Conducting quality assurance (audit planning memo, report, work-paper reviews) during/after audits. Report the results of QA to IAD management and Head Office Global QA team. Communicate with IAD staff about the QA results for future improvements
James Dappert
D: +1 646 766 1242
Address: 45 W 45th Street, 14th floor, New York, NY 10036, Tel: (+1) 646 766 1210
• Create and implement various new frameworks/processes within the department, such as data analytics framework/process, staff skill assessment, training program, framework for audit-able entities risk assessment and annual audit plan, continuous auditing or other various metric analysis, etc
• Administrate local audit software database
• Deliver training to the department, revise audit procedure and audit manual
• QA review follow-up of regulatory issues and internal audit findings
• Participate in preparing materials for the Audit Committee, management committees and head office
Qualified candidates will have a minimum 7 years in the fields of Information Technology (IT), such as Architecture, Infrastructure, Development and Information Security) and IT Audit.
Direct experience in IT Management beyond audit will be highly sought after. The successful candidate should have broad knowledge across some or many of the following areas and should be able to translate her/his knowledge when reviewing IT auditor’s workpaper and conclusion in order to form the QA conclusion.
• IT standard frameworks, such as ISO 27001/27002, ITIL and COBIT
• IT strategy, governance enterprise architecture and security architecture
• Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
• Operating systems and programming
• Firewall and intrusion detection/prevention protocols
• Secure coding practices, ethical hacking and threat modeling
• Network security architecture development and definition
• Third party auditing and cloud risk assessment methodologies
• NIST, GLBA and SOX compliance assessments
Preferred Education/Licenses/Certifications/Registrations:
• Bachelor's degree in Computer Science, Information Technology, Information Security, Data Analysis, Math, Statics or other related majors. Master degree is a plus.
• CISSP, CISA, or other IT and data analytics related professional certificates are strongly preferred.