The Senior IT Auditor assists with planning, executing and reporting audits of complex functionalities and output of various information technology systems, applications or platforms/operating systems, financial and statistical models, or risk management activities for compliance with corporate policies and procedures. Fully demonstrate generalized knowledge of the mortgage industry and the company's business operations. Demonstrate developing specialized knowledge of the mortgage industry and the company's business operations as it relates to models, risk management, or technology systems.
Apply specialized technical knowledge and expertise to perform reviews relating to the full life cycle of models, information technology applications, or risk management/analysis used across the company.
Successfully perform all key job functions of the Staff IT Auditor role at a higher level of complexity, scope and autonomy. Coordinate and lead audit team meetings to discuss the audit plan, including audit background, preliminary objectives/scope (identified during the Annual Audit Planning process), audit budget, audit execution schedule, affected departments, contacts and expectations. Take ownership and independently manage subsets of audits with minimal oversight from IT Audit Management.
Conduct first-level review of Staff IT Auditor’s work and documentation; leverage Internal Audit Management guidance as needed. Review audit documentation; begin to determine risks and the potential impact of risks on the organization. Perform root cause analysis on exceptions identified during audits. Validate and document Risk Control Matrix; write test procedures based on Risk Control Matrix. Draft audit reports; revise and finalize with Audit Management.
Write audit issues, discuss with audit management and validate issues with customers; assist with additional report writing as needed. Assist with tracking results of prior audits, identifying audit themes across organizations and determining if appropriate corrective action has been taken regarding significant audit concerns.
Contribute to strengthening and improving the governance, risk and control environment of the organization; share issues, ideas and recommendations with the Internal Audit Management and other Internal Audit teams.
Provide informal, day-to-day coaching and guidance to Staff Auditors. Share knowledge of specialty areas to build knowledge and capabilities across Internal Audit.
Build and maintain relationships with business partners at the manager and staff levels.
Provide advice and share Internal Audit knowledge with business partner managers and staff to strengthen governance, risk and control environments, as appropriate.
Bachelor's Degree or Equivalent
One or more of the following certifications: CIA, CPA, CISA, CISSP
3-6 years of related professional experience:
Knowledge, Skills, & Abilities:
Minimum 5 years of experience in IT audit, consulting, or risk management preferred
At least one of the certifications is required: CISA, CIA, CISSP, CPA
Working knowledge of technology infrastructure is required, e.g. Network, Operating Systems (Unix, Windows), Databases, Middleware, Web Applications
General understanding of information security practice, industry frameworks, and regulatory requirements related to Cybersecurity and/or Cloud implementation
Experience with DevOps and Continuous Integration/Continuous Delivery
Experience working within Agile methodologies
Critical thinking and data analytic skills
Excellent verbal and written communication skills
Medical, prescription, vision, & dental coverage
Flexible Spending Accounts and Health Savings Accounts
Paid vacation, holidays, and sick leave
Childbirth and adoption leave, childcare and eldercare resources
401K matching, retirement and financial planning
Employer Assisted Housing Program and Student Loan Repayment Assistance