Lead IT Auditor

Overview

Are you ready to lead complex engagements and make a significant impact? As a Lead IT Auditor, you'll have a unique opportunity to grow, learn, and provide assurance over a fast-paced IT environment undergoing digital transformation and modernization efforts, ensuring our IT infrastructure is robust and secure. Come join us and be at the forefront of innovation and excellence!

Role Overview: To lead the planning and execution of complex IT, information security, and integrated audits. Act as Auditor-In-Charge on audits, provide guidance and direction to Internal Audit staff, and participate in Internal Audit initiatives. Play a role in promoting partnership, trust, and accountability within our organization and building deeper relationships with our audit stakeholders.

Talent Quest

This position is eligible for the TalentQuest employee referral program. If an employee referred you for this job, please apply using the system-generated link that was sent to you.

Responsibilities

• Plan, conduct, and lead the most complex and high-risk IT and/or integrated audits in accordance with Navy Federal and industry audit standards
• Analyze and assess Navy Federal's technological infrastructure to ensure processes and systems run accurately and efficiently, while remaining secure and meeting compliance regulations
• Plan and execute audits of the organization's IT systems confidentiality, availability and integrity of system and processes
• Develop risk-based audit objectives, scopes, and test plans to ensure NFCU's IT systems and infrastructure comply with regulations, requirements, policies, and standards
• Consistently act as Auditor-In-Charge on IT/integrated audits, including on those of higher risk/complexity, providing guidance, coaching, and direction to Internal
• Audit staff regarding Navy Federal practices and industry standards
• Lead multiple audits simultaneously as Auditor-in-Charge. Coach auditors to apply critical thinking skills by seeking to understand and execute assigned control testing and document results according to professional and internal standards
• Lead coordination efforts with points of contact and first/second lines of defense to conduct preliminary research, lead process walkthroughs, document process narratives and workflows, identify key risks and controls, and obtain audit evidence for testing
• Identify and pursue opportunities to leverage data analytics and technology to drive deeper risk coverage and insights to business partners
• Review and analyze audit evidence and results of testing to determine design and operating effectiveness of controls.
• Identify, quantify, and communicate issues and provide risk-based recommendations to implement and enhance internal controls to management in a timely manner
• Prepare a portion of the audit workpapers, focusing on complex and high-risk areas, to document relevant information obtained, analyzed, and evaluated that support audit observations/issues and conclusions
• Review audit workpapers to confirm that relevant information was obtained, analyzed, and evaluated to support audit observations/issues and conclusions
• Work collaboratively with other departments and stakeholders to provide insights and recommendations for improvement.
• Partner with business areas to ensure adequate remediation plans are developed and implemented
• Draft high-quality, well-written, and timely audit reports for senior management, the President/CEO, and the Supervisory Committee
• Mentor auditors and/or support staff in the execution of audits by supporting them in the identification of risks and controls, development of audit programs, and resolution of issues
• Manage audit timelines to ensure the timely reporting of identified risks and issues; report delays and issues in overall audit to management and lead resolution of audit project issues
• Participate in Internal Audit strategic initiatives and act as a champion of change and continuous improvement
• Stay abreast of and ensure compliance with applicable federal, state and industry laws, regulations, and guidelines
• Actively monitor and stay current with evolving industry trends, technology, and emerging risks that may impact the company
• Perform other duties as assigned

Qualifications

• Minimum five years of experience in IT audit
• Advanced knowledge of IT control concepts and practices and risk-based auditing techniques
• Expert knowledge of IT Risk, General Controls, Information Security Frameworks and best practices
• Expert knowledge of technology and financial systems risk assessments and documentation
• Experience as an Auditor-in-Charge over IT/integrated audits
• Significant experience managing multiple priorities independently and operating well in a team environment to achieve goals
• Advanced interpersonal and communication skills, including experience working with all levels of staff, management, stakeholders, and vendors
• Significant experience in collaborating across organizational boundaries and building partnerships across various functions
• Advanced interpersonal and communication skills, including experience working with all levels of staff, management, stakeholders, and vendors
• Advanced skill to influence, negotiate & persuade to reach agreeable positive outcomes
• Advanced skill presenting findings, conclusions, alternatives, and information clearly and concisely
• Expert organizational, planning and time management skills
• Advanced word processing and spreadsheet software skills
• Expert critical thinking, analytical, and problem-solving skills
• Bachelor's degree or the equivalent combination of experience, education, and training

Desired Qualifications

• IT Certifications - CompTIA A+, Network+, Security +, CISA, CRISC, CISSP or GIAC Security Essentials (GSEC) Certification, Certified Internal Auditor (CIA), Certified Public Accountant (CPA)
• Cloud certifications - AZ-900 (Fundamentals), AZ-500 (Security Engineer), AWS Cloud Practitioner, AWS Solutions Architect Associate/Expert, AWS Security Specialty, GCP Digital Leader, GCP Professional Cloud Architect, GCP Professional Security Engineer
• Cloud experience, including Oracle, Azure, Pega, MS Dynamics. GCP, AWS
• Knowledge of the Federal Financial Institutions Examination Council (FFIEC) IT Examination Handbook and IT Booklets
• Master's degree in Computer Science, Information Technology, or related field

Hours: Monday - Friday, 8:00AM - 4:30PM

Locations: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Drive, Pensacola, FL 32526 | 141 Security Drive, Winchester, VA 2260

About Us