The Business Process Assurance (BPA) Manager will be responsible for coordinating and delivering internal audit services as part of the BPA team and interfacing with coworkers, third party internal audit providers and external auditors in their delivery of services. An integral part of this role is to provide advice on internal control to management and recommendations for business process enhancements.
Key Areas of Responsibility
Perform audit procedures to verify that controls are operating through testing and analysis and conclude on control effectiveness and identify opportunities for improvement.
Serve as a consultative advisor to internal stakeholders to ensure timely and consistent implementation of controls and business process enhancements.
Coordinate and interface with external auditors to facilitate the delivery and analysis of audit information and results.
Participate in enhancing internal audit standards and practices within BPA.
Oversee and manage completion of SOX IT controls testing by third party internal audit resources.
Plan, organize and execute IT, information security, operational and compliance related internal audits, assessments and special projects.
Participate in the IT risk assessment process and support in creating the IT audit plan.
Participate in select steering committees/working groups for significant projects to help ensure IT control considerations are included early and frequently throughout the duration of the project.
Build relationships with key stakeholders across various functions to remain knowledgeable of developments across the organization and ensure recommendations and action items resulting from reviews are implemented.
Education and/or Experience Qualifications
- Bachelor's degree in a relevant major focus area.
- 6 years of applicable professional experience with a minimum of 3 years of audit experience.
- Excellent written and verbal communication skills with the ability to effectively interact with all stakeholders including senior leadership.
- Strong background in identifying risks, controls and opportunities for improvements associated with business processes, developing and executing audit test plans, and drafting audit reports with summary results for executives.
- Strong project management experience with history of balancing competing priorities and ability to adapt to the changing needs of the business while meeting deadlines.
- Demonstrated ability to build and maintain strong cross-functional relationships.
- Professional experience in IT audit, information technology, and/or information security.
- Relevant professional certification (e.g., CISA, CISM, CISSP, CRISC).
- Strong knowledge of IT control frameworks such as NIST CSF, NIST SP 800-53, COBIT, CIS CSC and experience with regulations/requirements such as SOX, GDPR, PCI DSS, and HIPAA.
- Working knowledge of various operating systems, database platforms, cloud platforms, network and system architecture concepts and technologies, SDLC methodologies.
- IT infrastructure-related audit experience.
- Cybersecurity controls experience desirable.
- Degree focus area in Information Systems, Information Technology, Accounting, Finance or Business Administration