Job Description:
The CIB CTC Audit & Regulatory, Controls Attestation manager is an IT audit specialist who uses this expertise to manage planning and execution of 3rd party attestation engagements (SOC1, SOC2, ISAE 3402, AT-C 205) as well as ensure readiness and remediation across internal/external audit and regulatory exam scopes, ensuring ability to meet the demands of external clients across lines of business. Remediation includes management of audit findings, root cause analysis, regulatory intelligence and change management.
The role requires interaction with various stakeholders, including Technology Risk & Controls managers and technology management, as well as interfacing with external and internal auditors to help drive global consistency in our approach, execution and reporting across the global technology and technology risk functions. Successful execution of responsibilities requires strong program management, influencing, partnering, and communication skills when interacting with cross-line-of-business and corporate teams.
Key Responsibilities:
Coordinate with key stakeholders -- including external and internal auditors, technology management, lines of business, various risk functions, operations and program governance teams to:
Identify and lead x-LOB teams in identifying appropriate response to external auditors with respect to potential and confirmed control exceptions, including identification of relevant compensating controls for deficiencies
Oversee remedial workstreams, assessing effectiveness of proposed solutions and driving timely and effective solutions to control issues potentially impactful to programs
Lead proactive readiness assessments (platforms, tools, applications) to ensure controls are suitably designed and placed in operation, and that appropriate governance is in place to avoid impacts to external audits
Obtain early visibility into potential changes to program scope, facilitating readiness
New Reports: Partner with internal business owners, O&C and external auditors to identify appropriate form of reporting (e.g., SOC1, SSAE3402, AT-205, and ISAE 3000) to meet client and/or regulatory requirements; taking the lead in report development, readiness and execution.
Ensure quality standards are achieved in development and maintenance of program documentation
Communicate with key stakeholders to ensure a no-surprises environment, and facilitate development, maintenance and delivery of consistent and meaningful reporting and metrics
Timely reporting on program status to senior management stakeholders
Development of educational / guidance resources for use by Technology Risk & Controls and Technology personnel
People leadership, including performance management and development
Subject matter expertise in forms of controls attestation reporting (e.g., SOC1, SSAE3402, AT-205, ISAE 3000, etc.)
8+ years equivalent experience dedicated to leading execution of IT controls attestation engagements, including SOC1 and/or SOX
Minimum of four years of Manager level Big Four IT Audit experience required, including specific experience leading planning and execution of SOC and/or SOX audits
Confidence and self-assurance in interactions with external auditors and ability to reach across the firm to engage appropriate management, set agendas, lead calls with senior management and drive actions to meet program objectives
Strong exceptions analysis and issue management capabilities
Deep knowledge of auditing of IT general computer controls and application controls
Strong program management skills, with proven ability to deliver quality results in a deadline-driven environment
Must be a detail-oriented, quality-focused manager with strong documentation and reporting skills
A problem solver with proven ability to evaluate processes, controls, identify weaknesses and potential solutions
Ability to work effectively in a global team environment and drive results in a matrixed organization
A strong sense of ownership, commitment to quality and attention to detail
Excellent interpersonal skills - verbal communications, written communications, and track record of collaboration
Intellectual rigor, emotional intelligence, high energy and a passion for the delivery of high quality project outcomes
via developer jobs - Stack Overflow