The Senior IT Auditor indenpendently performs IT internal audits, collaborates co-sourced and out-sourced IT audit engagements. The Senior IT Auditor is  responsible for direct communication with management during IT audits. The Senior IT Auditor performs ongoing operations by analyzing process flows through observation, interviews, or through review of documented process. Identify audit tests and recommend automation to assist auditee and enhance processes.

Principal Duties & Responsibilities:

• Lead and manage all phases of Information Technology audits in accordance with the audit plan approved by the Audit Committee. This includes planning the audit, assessing risk, performing field work in accordance with generally accepted auditing standards, evaluating internal controls for adequacy, and preparing related working papers to document work performed and substantiate conclusions reached

• Identifies and discusses findings and recommendations as a result of the audit with appropriate bank management. Prepares Corrective Action Plan during the audit field work for the Audit Manager to review and issue.

• Participates in drafting audit reports to Senior Management Reporting Corrective Audit Plans resulting from audit work performed.

• Serve as a key participant in advancing the data analysis capabilities of the Internal Audit department.

• Identify opportunities to partner with audit teams and utilize analytics to improve risk assessment, audit coverage and execution, and/or identification of issues.

• Perform additional research, as necessary to remain up-to-date on new analytics techniques, tools and areas of interest; provide this information to audit teams for planning and audit execution purpose..

• Participates in completing special investigations in the event of any significant losses or defalcation by employees in order to assemble data for use by regulatory agencies, attorneys, and bonding agencies.

• Provides analysis, interpretation, status, and advice to audit managers regarding audit projects.

• Provide regular updates to the Audit Manager with meaningful metrics.

• 2-4 years experience in IT auditing, internal auditing, external auditing of financial institutions or regulatory examination with thorough knowledge of practices, principles, and interrelationships of banking functions.

• Strong information technology foundation including infrastructure and cyber security risk, with an ability to identify risks and controls in regards to various IT related areas (e.g. security, operations, change management, etc.).

• Understanding and knowledge of Active directory, Windows OS, Oracle and SQL databases.

• Understanding of network infrastructure devices and capabilities including routers, firewalls, intrusion detection/prevention systems and wireless technology.

• Comprehension of IT general controls, application controls, and business process reviews.

• Experience with core banking platforms highly preferred.

• Requires skills in fact-finding, analysis, problem solving and decision-making.

• Detailed oriented with excellent project management, organizing and planning skills.

• Expert PC skills including but not limited to Excel, Word, Power Point, Adobe, and Outlook.

• Experience with COBIT, COSO and exposure to NIST SP 800-53 a plus.

• ACL, Tableau or SQL experience preferred.

• Bachelor's Degree in Computer Science, Information Systems, Information Technology, or related field.
• An equivalent combination of education and relevant professional experience may be considered in lieu of a degree.
• Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), or other relevant audit certification/designation a plus.

• Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
• Please view Equal Employment Opportunity Posters provided by OFCCP here.
• The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
• Reasonable accommodation may be made to assist individuals with disabilities to complete the online application process. Please contact our Human Resources Department at 305-577-7680 or by e-mail at employment@citynational.com.