AVP- IT Audit
- Information Technology, Infrastructure and General Controls Audit Team
This role is part of the IT Infrastructure and General Controls Audit Team. This Audit Team will audit State Street's data centers, networks, operating systems, cybersecurity and key IT general control processes. Information Technology Senior Auditor, Infrastructure
The IT Audit In-Charge will be part of the IT Infrastructure and General Controls Audit Team.
The IT Audit In-Charge will have technical knowledge in Internet Security, UNIX, infrastructure, workstations, cybersecurity, networks Servers (Windows NT, Novell), network devices (routers, switches, firewalls) and network management (load balancers, firewalls, IDS/IPS, VPN, VOIP, etc.).
This role is to lead audit and review networks/systems, corporate security policies, systems and network architectures, documentation review and development, vulnerability assessments and security testing and evaluation.
The IT Audit In-Charge will participate in the performance of audits, specifically focusing on fieldwork and testing the internal control environment and in the reviews of information technology processes and controls.
The IT candidate should clearly demonstrate proficiency in evaluating and testing internal controls and in applying audit skills.
The IT Audit In-Charge will review and complete audit work papers and memoranda by documenting audit tests and findings in an automated Audit Workpaper program.
The IT Audit In-Charge will be responsible for monitoring and communicating audit progress and findings by preparing reports and providing information in meetings. .
The IT Audit In-Charge applies skills using the Division methodology.
He/she can be relied upon to independently perform technical portions of an audit in accordance with Corporate Audit Department and Institute of Internal Auditor standards. Qualifications:
BS/BA preferred in Computer Science or Information Technology or related field.
Must have a CISA or be willing to take the CISA exam within 1 year.
A CISSP, CIA, CPA, CFE, CAMS a plus.
Technical skills would include:
Database (Oracle[12 and VLDB/Exadata], MS SQL, Hadoop, Sybase, DB2)
Enterprise security products (AD, LDAP, Siteminder, Ping) Tools (Qualys, ISIS, Spiceworks) Add-Ons (Quest, Symantec CSP, Cisco NCM)
Network Skills (load balancers, firewalls, IDS/IPS, VPN, VOIP, etc
Large scale enterprise with diverse infrastructures
Design and architecture experience over day to day support
Responsibility to design implement and maintain security of the products over operational support.
The individual in this position generally has five plus years of highly specialized technical experience and clearly demonstrates proficiency in applying that experience to evaluate and test internal controls in audits of a highly technical nature which cannot be covered by the general audit staff.
Previous work experience in information technology audit or technology area.
The candidate must have strong communication skills, both verbal and written, and be able to research industry regulations when necessary. Travel:
The IT Audit In-Charge will travel to State Street offices globally up to 20 % annually.
globally up to 20 % annually.