Senior IT GRC Auditor - Miami Florida

IT GRC Auditor Consultant
ONSITE CORAL GABLES MIAMI FLORIDA
www.elevateconsult

Are you passionate about working in a complex IT environment where security and data privacy are a primary focus of the business model Do you want to be a part of a dynamic complex and recession proof environment working alongside top notch IT professionals Do you want to join an established and wellrespected internal audit team that add value to the organization and is deemed as the business trusted controls and compliance advisor Are you available to be onsite (in Miami) and be mentored by VPs and Chief Executives If you answer yes then continue reading...

About the Position

Our client an investment management firm focused on investments in mortgages and consumer credit is seeking Senior IT GRC Auditor(s) to join their internal audit team. The ideal candidate will have strong experience cybersecurity frameworks (NIST ISO 27001 FFIEC CAT) compliance (NY DFS) data privacy process automation cloud security and data analytics software (i.e. ACL). Effective communication critical thinking and analytical skills are vital to this position.This role will be responsible for managing and conducting IT audits assessing IT security controls ensuring compliance and enhancing the organizations security posture.

This position requires a highly analytical detailoriented professional with experience identifying risks evaluating controls and providing strategic audit recommendations to senior management.

What Youll Do:

1. Assist with Annual Risk Assessment & Audit Planning
   • Attend interviews with Senior Management to discuss topics such as significant changes (people processes systems) strategic objectives risks and recommended audit focus.
   • Assist in the annual risk assessment based on established methodology to determine audit priority
   • Estimate the level of effort for each project by working with the team to identify the risks scope testing procedures and deliverables.
2. Audit Planning
   • Reviews the audit objectives and risks and works with the team to identify the detailed audit testing procedures
   • Holds preliminary scoping meetings with the department head(s) stakeholders and determines the best path to test the audit objectives while addressing the key risks
   • Estimates the level of effort to performing the audit and ensures the audit timeline is within the allocated annual budget timeframe
3. Audit Risk & Control Evaluation
   • Develops risk and control matrices to evaluate the design of key internal controls.
   • Develops Audit Program and detailed fieldwork steps.
   • Develops the auditee request for information (RFI).
   • Leads the daytoday audit procedures performs detailed control testing procedures and documents tests results. Assesses the results of the test plans and provides audit recommendations in the detailed audit report.
4. Audit Reporting
   • Independently identifies meaningful control gaps and develops recommendations that promote continuous improvement in risk management capabilities and the internal control environment.
   • Develops wellwritten audit reports that include a clear and concise summary of the scope of work performed conclusions reached and recommended control improvements noted.
5. Audit Methodology & Tools
   • Performs work consistent with the Companys Internal Audit Procedures and the Institute of Internal Auditors (IIA) International Professional Practices Framework (IPPF).
   • Contributes to ongoing improvements in internal audit methodology.
6. Project Management Communication & Reporting
   • Independently leads meetings to gather process understanding provide audit status updates and communicate audit results.
   • Team & Personnel Development
   • Pursues career development opportunities including relevant training professional certifications and/or association memberships. Shares information gained with coworkers.
   • Maintains all organizational and professional ethical standards including consistently upholding all Company Tenets (humility accountability responsibility creativity awareness suitability reliability diversity integrity fun balance and communication).
   • Other duties as needed or required.

What you Need to Get Hired:

• 35 years of experience working with IT internal audit risk and/or IT departments and performing readiness assessments or audits of business and IT functions working in an IT GRC Compliance function for large scale organization preferred
• Experience performing IT frameworks audits and IT risk assessments (e.g. NIST ISO 27001 FFIEC CAT) compliance (NY DFS) data privacy process automation cloud security and data analytics software (i.e. ACL)
• Experience in Audit Methodology & Tools
• Knowledge of and ability to consistently apply internal auditing principles and practices.
• Skilled in critically evaluating processes risks and controls.
• Demonstrates proficiency in documenting processes risks and controls in narratives flowcharts and workpapers.
• Moderate/Advanced Microsoft Excel abilities including ability to perform data analysis using pivot tables formulas or macros. Working knowledge of other Microsoft Office applications (Word PowerPoint Visio).
• Data analytics software (i.e. ACL Alteryx).
• Robotic process automation (i.e. UiPath).
• Artificial Intelligence (AI).
• Machine learning software.
• Enterprise auditmanagement software (i.e. AuditBoard)
• Project Management Communication & Reporting
• Able to leverage appropriate project management tools to monitor audit /timelines and provide transparent status updates to audit management.
• Capable of balancing multiple projects simultaneously through effective prioritization and multitasking skills.
• Skilled collaborator capable of effective interaction negotiation and problem resolution with audit and business personnel.
• Effectively able to lead meetings with team members and auditees and conduct process interviews/walkthroughs with business owners to gather needed information.
• Demonstrates effective business acumen and judgment that is recognized by audit and business managers.
• Able to develop present and assist in selling control improvement opportunities and business advice.
• Demonstrates proficiency in clearly and concisely documenting audit results in workpapers memos and audit reports.
• Team & Personnel Development
• Displays a strong work ethic.
• Ability to lead and motivate audit staff and be a team player.
• Experience working in or adequate knowledge of industries that include asset management lending and/or mortgage servicing a plus.
• Continually builds knowledge of the business and actively expands capabilities through research and focused training. Stays informed of new developments

Education and professional credentials

• Bachelors degree (in Management Information Systems Information Technology Computer Science Accounting Business Administration).

Preferred:

• Big 4 IT Audit experience in financial services preferred
• Certification as CISA CISSP and/or CISM or committment to obtaining an appropriate professional certification

• Familiarity with the following Institute of Internal Audit Standards (IIA)
  3 5 years of progressive Internal Audit leadership experience in a complex technology environment (Experience within IT Operations and/or IT Leadership roles within Infrastructure Security Application development considered a plus).

Travel Requirements

• This is required to work onsite with an office located in Miami Florida

PHYSICAL DEMANDS AND WORK ENVIRONMENT:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job the employee is regularly required to sit and use hands to handle touch or feel objects tools or controls. The employee frequently is required to talk and hear. The noise level in the work environment is usually moderate. The employee is occasionally required to stand; walk; reach with hands and arms. The employee is rarely required to stoop kneel crouch or crawl. The employee must regularly lift and/or move up to 10 pounds. Specific vision abilities required by this job include close vision color vision and the ability to adjust focus.