Icon hamburger
Briefcase

Create Job Alert.

Enter your email below to save this search and receive job recommendations for similar positions.
Thank you. We'll send jobs matching these to
You already suscribed to this job alert.
No Thanks
US
What job do you want?

Create Job Alert.

Get similar jobs sent to your email

Apply to this job.
Think you're the perfect candidate?
Apply on company site
Thumsup

You’re being taken to an external site to apply.

Enter your email below to receive job recommendations for similar positions.
Manager, Internal Audit Information Technology & Security at The Options Clearing Corporation

Manager, Internal Audit Information Technology & Security

The Options Clearing Corporation Chicago, IL Full-Time
Apply on company site

Create Job Alert.

Get similar jobs sent to your email

The Options Clearing Corporation (OCC), the world’s largest equity derivatives clearinghouse, is seeking a Manager, Internal Audit Information Technology & Security. The Manager will provide leadership across the department in support of the strategic goals of the audit function.  This role will present comprehensive audit reports summarizing key risks, including providing expert consultative guidance to senior management for a complex technology environment, develop and maintain effective relationships and support management in achievement of their goals.  In addition, the Manager may interface with the Securities and Exchange Commission (SEC), Commodity Futures Trading Commission (CFTC), Financial Industry Regulatory Authority (FINRA) and external auditors.

Responsibilities:

The Manager, Internal Audit Information Technology & Security responsibilities will be aligned, but not limited to, four pillars:

Quality

  • Ability to clearly articulate professional principles and standards (i.e., AICPA, IIA IPPF, COBIT, NIST CSF, etc.) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls.
  • Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices.
  • Keeping current on best practices and emerging risks in IT, information security, and cyber security within the financial services industry and making recommendations for improvements, as necessary.
  • Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education.

Delivery

  • Aid in the development of the comprehensive audit plan on an annual basis for administration of several IT or information security audits held simultaneously.  
  • Defining and leading the execution of audit projects in accordance to the annual audit plan.  
  • Owning the audit quality, accuracy of results, delivery within budget, and in a timely manner.
  • Leading audits related to organization changes including requirements definitions, technology implementations, engagement, and alignment of change initiatives to business objectives.

Leadership

  • Participate in the development and execution of a comprehensive risk-based annual audit plan.
  • Lead and implement strategic initiatives related to new audit programs/processes, technology, or other initiatives. 
  • Planning, leading and reporting for risk-based and special request audit assignments.
  • Proactively identifying regulatory, IT, information security, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership.
  • Developing, maintaining, and strengthening effective relationships with IT, business groups and leadership and partnering with management.

Team Development

  • Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation.  
  • Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.  Act as a mentor and ensure that staff has a solid understanding of auditing procedures to conduct the audit.

Qualifications:

  • Exceptional customer service and collaboration skills required.   Strong analytical and verbal/written communication skills required. 
  • Demonstrated success in leading audit projects and implementing audit best practices in a complex technology environment for application systems development and infrastructure support.  Demonstrated success in identifying IT and security risks in complex technology environment and implementing controls/processes to mitigate the risks.
  • Strong working knowledge of the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA).
  • Demonstrated ability to analyze data, evaluate facts, and summarize and present clear and concisely in both oral and written context to senior leadership.
  • Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions.
  • Ability to manage a complex audit plan and lead the team, prioritizing multiple audit assignments to simultaneously complete each timely with high quality.
  • Strong problem solving and analytical capabilities.
  • Ability to understand the interaction between complex technology, business processes, and the associated impact on the ability to comply with regulations.
  • Strong proficiency using Archer or other audit or Governance Risk and Compliance software.
  • Bachelor’s degree (or equivalent) in Information Technology, Accounting, Finance, Business Administration, or related field.
  • Experience working in a complex, fast paced environment required.
  • Consulting/accounting firm experience is a plus.
  • Experience in Financial Services/Security Industry and working with regulatory organizations such as: SEC, CFTC, and/or FINRA required.
  • Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or similar certification is required.
  • At least 4 years of experience leading IT risk-based audits and projects, and IT process reviews.

The Manager, Internal Audit Information Technology & Security responsibilities will be aligned, but not limited to, four pillars:

Quality

  • Ability to clearly articulate professional principles and standards (i.e., AICPA, IIA IPPF, COBIT, NIST CSF, etc.) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls.
  • Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices.
  • Keeping current on best practices and emerging risks in IT, information security, and cyber security within the financial services industry and making recommendations for improvements, as necessary.
  • Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education.

Delivery

  • Aid in the development of the comprehensive audit plan on an annual basis for administration of several IT or information security audits held simultaneously.  
  • Defining and leading the execution of audit projects in accordance to the annual audit plan.  
  • Owning the audit quality, accuracy of results, delivery within budget, and in a timely manner.
  • Leading audits related to organization changes including requirements definitions, technology implementations, engagement, and alignment of change initiatives to business objectives.

Leadership

  • Participate in the development and execution of a comprehensive risk-based annual audit plan.
  • Lead and implement strategic initiatives related to new audit programs/processes, technology, or other initiatives. 
  • Planning, leading and reporting for risk-based and special request audit assignments.
  • Proactively identifying regulatory, IT, information security, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership.
  • Developing, maintaining, and strengthening effective relationships with IT, business groups and leadership and partnering with management.

Team Development

  • Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation.  
  • Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality, and auditee experience.  Act as a mentor and ensure that staff has a solid understanding of auditing procedures to conduct the audit.

Recommended skills

Audit Planning
Iia
Information Systems
Information Technology
Management
Professional Services
Apply to this job.
Think you're the perfect candidate?
Apply on company site

Help us improve Careerbuilder by providing feedback about this job: Report this job

Report this Job

Once a job has been reported, we will investigate it further. If you require a response, submit your question or concern to our Trust and Site Security Team

Careerbuilder TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using Careerbuilder you are agreeing to comply with and be subject to the Careerbuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.