The IT Auditor, working with the Global Head of IT Audit and the IT Audit Managers will assist in the annual risk assessment process, perform IT Audits, IT Sarbanes Oxley (SOX) testing, and participate on special project teams, including data analytics projects, on an as needed basis. Using a risk-based approach (e.g., COBIT, COSO, Risk IT, NIST, ITIL), combined with on-site audits and continuous monitoring to evaluate and analyse the efficiency and effectiveness of controls.
The IT Auditor will work with Internal Audit Management to gain an understanding of the audit process (which includes but is not limited to the following):
- Overview of the internal audit and SOX processes;
- Overview of the roles within the Department;
- How the risk assessment process is performed;
- How the audit process is performed including: planning, audit programme preparation, performing audit tests;
- Drafting of audit and SOX observations; and
- Assist Management in the remediation of these findings.
It is expected that as the Auditor gains a working knowledge of the above, he or she will be able to take on greater responsibilities in writing detailed audit programs to test the internal controls, analyse the impact of issues noted, document findings and interface with line management to confirm accuracy of observations and agree upon action plans.
To support the IA function in providing Management and the Board with an independent assessment on the adequacy and effectiveness of the group's (BGC and Cantor) processes for controlling its activities and managing its risks. The IT Auditor is expected to work with the IT Audit group in accomplishing the following:
- Delivering a portfolio of high quality audits, working collaboratively with Technology and Financial/Business audit colleagues globally.
- Establish and maintain effective relationships with middle-level IT Management across the Firm to better position the IT Audit function to perform audits and provide value-added services to our clients.
- To produce effective reports and opinions which successfully influence Executive Management to manage risk prudently and within the Company's risk appetites.
- To promptly respond to and complete ad-hoc business requests .
- To positively participate as part of the wider IA team in all situations.
- Ensure outstanding issues are clearly positioned with senior stakeholders to enable management to resolve in a reasonable timeframe.
- Ensure that audits are delivered on time and to a high standard.
Key Contacts and Working Relationships:
- Establish and maintain relationships with key stakeholders within IT.
- 1-3 years' experience of performing IT and SOX audits or IT Department/Risk/Compliance work experience.
- Experience of performing IT audits or working in an IT Department with a solid understanding of both infrastructure and applications.
- Excellent verbal and written communication skills.
- Familiarity with MS Office including Word, Excel, PowerPoint, Outlook.
- Ability to follow directions and receive constructive feedback on work products submitted for review.
- Keep up to date with IT developments, legislation and regulatory requirements.
- Strong analytical and investigation skills.
- Self-motivated and able to work independently and as part of a team.
Education/ Experience Requirements:
- Undergraduate degree in Information Technology, Computer Science, Management Information Systems or other related discipline preferred, or equivalent IT work experience.
- One or more certifications (CISA, CRISC, CISSP, etc.) preferred.
- IT Audit or IT Risk Management experience preferred.