Our client in the financial services sector is looking for an IT Audit Manager for an 18-month contract. The role will require working in office, in the downtown Toronto core, 4 days a week. Job : 439769
Responsibilities:
Technology, Data Risk & Audit Execution
- Lead and participate in technology audits, evaluating the design and effectiveness of controls related to:
- Technology infrastructure (networks, servers, databases).
- Enterprise applications and systems.
- Cybersecurity frameworks and controls.
- Cloud services (Azure).
- Identity Access Management (IAM) and data security.
- ITGCs, Interface and application controls.
- Develop and implement audit approaches and coverage strategies to ensure comprehensive risk assessment.
- Provide assurance over key risk management strategies, ensuring alignment with industry best practices.
- Provide coaching and guidance to junior auditors ensuring timeliness and quality of deliverables.
- Perform continual assessment of emerging risks, suggesting adjustments to audit plans accordingly.
- Ensure audit work is conducted in accordance with industry standards (e.g., ISACA, IIA, NIST, ISO 27001, COBIT).
- Document audit findings and recommendations in a clear, concise, and actionable manner for senior leadership.
Strategic Advisory & Stakeholder Collaboration
- Work closely with Technology & Data leadership, Enterprise Risk, and Compliance teams to align audit activities with business objectives.
- Act as a trusted advisor to business units, offering insights on best practices for IT governance, risk, and compliance.
- Influence strategic decisions by providing data-driven insights on IT risk management.
- Foster strong relationships with business partners and other stakeholders to enhance risk awareness and control effectiveness.
Innovation & Continuous Improvement
- Leverage data analytics and automation to enhance audit efficiency and effectiveness.
- Stay updated on emerging technologies, cybersecurity threats, and regulatory changes to ensure audit methodologies remain relevant.
- Analyze complex IT systems to identify areas for improvement and recommend effective solutions.
- Communicate complex technical risks in a business-friendly manner to senior leadership.
Requirements
- Bachelor's degree in Computer Science, Information Systems, Business, Accounting, or a related field.
- Professional certifications (at least one required): CISA, CISSP, CRISC, CISM, CGEIT, CIA
- Knowledge of IT governance frameworks (COBIT, NIST, ISO 27001) is essential.
- 7+ years of experience in IT auditing, internal audit, technology risk management, or cybersecurity assessments.
- Strong understanding of IT general controls (ITGCs), application controls, cloud security, and data governance.
- Experience with audit methodologies, risk management practices, and regulatory compliance in financial services or investment management.
- Proven ability to write succinct audit findings/reports that provide meaningful insights to senior leadership.
- Strong organizational/project management skills, the ability to manage end to end audits and achieve multiple deadlines, both internal and external.