As the third line of defense, Internal Audit’s mission is to independently assess the firm’s internal control structure, including the firm’s governance processes and controls, and risk management, capital and anti-financial crime frameworks, while also raising awareness of control risks and monitoring the implementation of management’s control measures. In doing so, Internal Audit:
The Core Engineering audit team performs reviews of technology risks and controls within a challenging, dynamic and complex business and technology environment. The team covers core technology infrastructure platforms (cloud computing, database and big data), end user platforms (desktop, collaboration, e-Mail/messaging, web and mobile technologies), enterprise platforms (software development/SDLC, identity access management, job scheduling and workflow technologies) and production operations (on-premise operating systems and other centralized production systems).
As part of the third line of defense, you will be involved in independently assessing the firm’s overall control environment, and communicating the results to the firm’s local and global management. Assessments include evaluating the effectiveness of the firm’s controls that mitigate current and emerging risks, and monitoring management’s implementation of control measures. In doing so, you are supporting the provision of independent, objective and timely assurance around the firm’s internal control structure while also supporting the Audit Committee, the Board of Directors and Risk Committee in fulfilling their oversight responsibilities
You will play a vital role in the scoping and planning of the audits, deploy audit and analytical procedures and techniques to assess the design and operating effectiveness of the controls to mitigate the risks, and discuss the results with the firm’s local and global management. In addition, you will also monitor and follow up with management on the resolution of open audit findings.
A strong background in technology engineering and a proven technology audit background are necessary. Experience in cybersecurity is a plus.