The primary purpose of this job is to direct all aspects of the information technology and security audit program for PenFed’s information systems and operations. This position is responsible for audit planning, performance and reporting, coordination of examinations by federal and/or state regulatory agencies, interacting with senior PenFed and affiliated entity officials, and serving as a functional expert on information technology risk assessment and internal control in the financial services industry.
Essential Functions
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.
Direct a comprehensive information technology and security audit program for complex banking systems and controls, ensuring the effective accomplishment of internal audit goals and objectives established in support of PenFed’s mission and strategic initiatives.
Identify and evaluate significant exposures to risk and contribute to the improvement of risk management and control systems. Collaborate in designing solutions and building plans for correcting information technology control weaknesses and deficiencies.
Ensure that audit planning, performance and reporting are executed in accordance with professional auditing standards and departmental policies and procedures. Relatedly, direct actions necessary to produce high quality audit reports that are factually accurate, logically supported and fair and balanced.
Actively support follow-up on audit recommendations to ensure the actions taken correct the reported conditions.
Lead in the design of innovative approaches to assessing risk in PenFed’s enterprise architecture and deployment of information technology resources and accomplishing essential audit tests. Actively use technology to facilitate audit performance and monitor audit progress.
Interact routinely with senior PenFed and affiliate officials, ensuring that the department is professionally represented and that audit responsibilities and positions are clearly and effectively presented. Keep the Chief Audit Executive and cognizant program officials fully and currently informed on audit activities, and help ensure that a “no surprises” communication environment is maintained.
Prepare professional audit reports on findings noted in the course of audit work and collaborate with management to develop effective recommendations. Ensure that risks are adequately identified and addressed for each audit.
Serve as a functional expert in risk assessment, internal control, and audits of information technology and security programs and activities in the financial services industry, including analyzing emerging risks in order to develop and adjust the risk-based audit plan to help mitigate those risks. Relatedly, provide technical oversight of contractors providing information technology audit services.
Lead by example and with professional care in the management of assigned audit staff, ensuring that each member is highly motivated, soundly guided and directed, and provided opportunities for professional growth and development. Ensure each staff member is treated with fairness and respect, individual performance is objectively assessed, accomplishments are recognized, developmental needs are addressed, and continuing professional education requirements are met.
Act as a liaison with external governing bodies (e.g. NCUA, CFPB) examination teams to ensure coordination of management requests and audit assistance.
Desired Skills and Experience
Education and Experience
Equivalent combination of education and experience is considered.
Bachelor’s Degree in Engineering, Computer Science, Business or related field required.
Master’s Degree in Business Administration or Information Technology is preferred.
Minimum of seven (7) years’ of experience in Information Technology and Security auditing in the financial services industry and/or financial regulatory environment is required.
Supervisory Responsibility
This position will directly supervise the IT Audit Manager and IT Auditors.
Licenses and Certifications
A Certified Information Systems Auditor (CISA) is required.
Pass it on for Referral Bonus. Not the right role for you, but know someone we should meet? Share with him to earn $1,000 referral bonus.
Posts
