• Plan and execute risk-based audits of IT applications and infrastructure.
• Review IT risks and evaluate whether internal controls adequately address risks in new processes, products, and systems.
• Serve as an advisor to clients on IT control frameworks and system design.
• Audit client internal controls and recommend remediation for identified deficiencies.
• Collaborate with clients to assess the integration of information systems and business process controls.
• Perform IT risk assessments and technology control audits to identify vulnerabilities.
• Test internal security controls to validate effectiveness.
• Verify that user access rights are properly granted and revoked in line with policies.
• Guide clients on IT infrastructure and security gaps.
• Perform SOC 1 and SOC 2 examinations.

Skills: IT Auditing, Risk Assessment, Controls Evaluation, Security Testing, Access Management, SOC Compliance, Infrastructure Review, Process Integration

• Prepare work papers and coordinate the receipt of audit materials required to analyze, test, and evaluate the entity’s control environment.
• Conduct interviews, perform walkthroughs, and document results.
• Assess risks associated with various business objectives and evaluate the controls in place to mitigate those risks.
• Communicate audit findings to local management.
• Assist in planning engagements based on IT risks.
• Examine documentation and evaluate procedures in the control environment.
• Document conclusions and organize and reference work papers for supervisory review.
• Identify control weaknesses, assess their impact, and discuss practical solutions with management.
• Draft audit report findings and process improvements for review at closing meetings.
• Participate in closing meetings at the end of fieldwork by noting comments and providing clear explanations for findings and ratings.

Skills: Audit Documentation, Risk Assessment, Control Evaluation, Interviewing & Walkthroughs, Findings Communication, Engagement Planning, Report Drafting, Process Improvement

• Support multiple clients with financial transformation initiatives, adapting responsibilities per project.
• Drive process improvement initiatives to enhance financial operations.
• Perform FP&A activities to support forecasting and budgeting.
• Partner with CFOs, directors, and controllers on finance strategy and development.
• Manage financial close, reporting, and consolidation activities.
• Execute procure-to-pay and order-to-cash processes efficiently.
• Conduct cost management reviews and profitability analysis.
• Perform IT-focused audit work covering general controls, service management, system implementations, infrastructure, cybersecurity, and compliance.
• Apply analytical tools to evaluate data and strengthen audit outcomes.
• Assist audit leads and team members to ensure timely audit delivery.

Skills: Financial Transformation, Process Improvement, FP&A Support, Finance Strategy, Financial Reporting, Process Execution, Cost Analysis, IT Auditing

• Understand IT audit, compliance, continuous monitoring, and self-audit activities.
• Track and obtain the current status of management action plans (MAPs).
• Understand operational needs of IT partners and make recommendations for new or modified IT audit support processes.
• Work with IT operations frameworks and IT frameworks such as ITIL and COBIT 5.
• Create and maintain measurements and metrics related to all IT audit support processes.
• Coordinate all IT audit requests for internal and external audit teams.
• Participate in the analysis of identified gaps and work with IT control owners to develop MAPs and reasonable timelines.
• Participate in internal assessments and process improvements.
• Manage annual audit deliverables in the audit repository.
• Assist in the development of Internal Audit departmental methodologies, processes, and tools, particularly those related to IT and change.
• Use standard Internal Audit techniques for information gathering, risk assessment, fieldwork, and issues reporting.

Skills: IT Audit Support, Compliance Monitoring, Action Plan Tracking, IT Frameworks, Metrics Management, Audit Coordination, Gap Analysis, Process Improvement

• Assist with IT risk assessments during audit planning to highlight key areas requiring control focus.
• Lead IT audit fieldwork to test control effectiveness, detect deficiencies, and confirm alignment with AL’s IT policies.
• Recommend practical and cost-efficient IT controls that enable informed risk-based decisions.
• Coordinate with IT stakeholders for external audit needs, including meeting arrangements, evidence collection, and timely escalation of issues.
• Track remediation progress of audit findings and evaluate the sufficiency of corrective measures.
• Create process documentation and visuals to support IT control evaluation and performance review.
• Conduct IT control reviews on Linux and Windows platforms to assess system security and compliance.
• Assess IT controls on enterprise applications such as ERP, ERM, and CRM.
• Evaluate security controls for web-facing services, including firewalls, intranet, and e-commerce systems.

Skills: IT Risk Assessment, Audit Fieldwork, Control Recommendations, Stakeholder Coordination, Remediation Tracking, Process Documentation, System Security Review, Application Security

• Perform IT audit activities.
• Evaluate and test IT internal controls for clients by assessing design and operating effectiveness, creating test plans, and documenting results and exceptions.
• Understand and document IT internal controls for organizations.
• Understand and document business processes and controls for organizations.
• Perform risk assessments for various security, technology, and compliance standards.
• Develop creative and logical solutions and assist in presenting findings and recommendations to clients.
• Interact with clients regularly on technology, process, controls, and related projects.
• Meet deadlines and proactively communicate with project team members.
• Perform assignments both autonomously and as part of a team.
• Assist with operational assessment projects.

Skills: IT Auditing, Controls Testing, Controls Documentation, Process Documentation, Risk Assessment, Solution Development, Client Engagement, Team Collaboration

• Execute IT, integrated, operational, or compliance audits in accordance with ISACA’s Standards for IS Audit and Assurance to support completion of the Annual Audit Plan.
• Provide direct assistance to external auditors in the execution of the year-end audit engagement.
• Perform general and application control reviews for simple to complex information systems.
• Develop comprehensive risk-based audit programs in collaboration with management, including risk identification, documentation of the internal control framework, and efficient testing procedures.
• Develop and maintain data analytics using tools such as SAS, SQL, and Alteryx to support internal audit programs and ensure effective testing procedures.
• Evaluate and document the effectiveness of the internal control framework in preventing, detecting, or correcting errors and irregularities through inquiry, observation, and substantive testing.
• Analyze IT and business processes for effectiveness, efficiency, and compliance with corporate policies, standards, accounting guidelines, and regulatory authorities such as GAAP, STAT, NAIC, SEC, and FINRA.
• Develop detailed work papers to provide sufficient evidence of work completed in the development, analysis, execution, and reporting of the audit program.
• Perform timely follow-up with management to ensure compliance with agreed-upon action plans in relation to audit observations.
• Provide support to Audit Management on special projects.

Skills: IT & Compliance Audits, External Audit Support, Control Reviews, Audit Program Development, Data Analytics, Control Evaluation, Process Analysis, Audit Reporting

• Become a trusted risk and controls advisor to the business by performing audits, advisories, and consultancy projects, identifying business control issues for remediation, and seeking value-add improvement opportunities.
• Identify IT and cybersecurity risks and propose effective and efficient remediation activities to business management.
• Determine audit objectives and scope of assigned audits as directed by the IT Audit Manager and Principal IT Auditor.
• Take the lead on specific audit projects.
• Assess risk, develop audit testing procedures, and review testing procedures developed by other team members.
• Conduct audit testing and effectively document results, ensuring conclusions, observations, and recommendations are appropriately supported.
• Assist in recommending changes to client control processes and negotiate solutions, improvement opportunities, and management corrective actions.
• Assist in the development and training of staff auditors.
• Act as a team player willing to give and receive positive and constructive feedback.
• Represent the department as a business partner that adds value across all activities.

Skills: Risk Advisory, Cybersecurity Assessment, Audit Scoping, Project Leadership, Audit Testing, Control Improvement, Staff Development, Business Partnership

• Perform IT audits, including developing audit plans, facilitating process interviews, documenting company processes and procedures, identifying risks and controls, executing internal control testing, completing project review procedures, and communicating audit findings.
• Evaluate the adequacy of management’s corrective actions taken for IT audit findings.
• Perform advisory work for key processes or projects being implemented through risk and control assessments.
• Build effective relationships and meet shared objectives within internal audit and management.
• Supervise and provide feedback on the work of others in the use of computerized audit techniques.
• Manage multiple complex projects independently and meet deadlines under pressure.
• Extract, compile, format, and sample test data from a range of accounting and ERP application systems.
• Act as a liaison between Internal Audit, IT management, and external auditors.
• Apply company policies, procedures, rules, regulations, laws, best practices, and principles of ethical behavior to all work performed.
• Report to the Director of IT Audit with no direct reports.

Skills: IT Auditing, Corrective Action Review, Risk Advisory, Relationship Building, Team Supervision, Project Management, Data Analysis, Audit Liaison

• Assist in the completion of internal audit engagements and validation procedures in alignment with the department’s audit methodology and professional standards.
• Evaluate Information Technology General Controls, including logical access and program change.
• Evaluate other general controls, including backups, job scheduling, IT maintenance procedures, and physical security.
• Evaluate application controls, including configurable system parameters and switches, segregation of duties within applications, and end-user computing utilizing tools such as Access, Structured Query Language, and other end-user reports and query tools.
• Prepare work papers and clearly document audit evidence, including process documentation, control identification and assessment, flow charts, and test work in line with Internal Audit documentation requirements.
• Lead the development of the audit planning memorandum, audit programs, and testing approach.
• Lead the writing of potential issues when exceptions are identified, considering the root cause of the issue and providing recommendations to improve operations.
• Organize and complete work within established budgets and timeframes.
• Proactively communicate with the audit team and clients in a professional manner.
• Develop professional relationships with client contacts.

Skills: Internal Auditing, ITGC Evaluation, Application Controls, Audit Documentation, Audit Planning, Issue Reporting, Time Management, Client Relations

• Previous IT auditing experience with professional certification (CPA, CISA, or CIA).
• Familiar with standard IT auditing concepts, practices, and procedures.
• General understanding of technology, information risk concepts, and audit documentation.
• Proficient with ACL, GRC tools, Access, or Excel.
• Exceptional presentation and business-writing skills (MS Office).
• Knowledge of audit sampling methodologies and statistical testing techniques.
• Awareness of IT risk quantification approaches (e.g., FAIR model).
• Familiarity with agile auditing methodologies for faster, iterative audit cycles.
• Able to perform under pressure.
• Strong organization, analytical, and data analysis skills.
• Good communication and interpersonal skills.

Qualifications: BS in Management Information Systems with 4 years of Experience

• Experience in external auditing/internal auditing/IT/risk/compliance/Internal control/operations in the financial services industry.
• Professional Qualification/Certificate in Audit, e.g., CISA, CISSP, CISM, CCSP.
• Strong expertise in Cybersecurity (preferably IT security hands-on experience).
• Strong technical background in IT activities (including IT production/IT systems expertise).
• Curiosity, rigor, and precision.
• Outstanding analytical skills.
• An ability to synthesize.
• Excellent writing and presentation skills (in English).
• High level of initiative, commitment, and drive.
• Ability to work effectively under pressure and within short deadlines.
• Can promote a constructive, cooperative, and participative teamwork environment.

Qualifications: BS in Information Technology with 5 years of Experience

• Experience in technology audit, IT governance, risk, and compliance, or related areas.
• CISA and/or similar CISSP, CRISC, CISM, and MCSE certifications.
• Specific subject matter expertise and a solid business understanding of technology, coding, data analytics, and data management, as well as IT security principles.
• Experience with control frameworks such as COBIT.
• Ability to work on multiple projects concurrently.
• Broad understanding of the risks and control principles associated with IT activities, IT policies, and procedures.
• Effective communication and negotiation skills, a proactive approach in communicating issues, and a strength in sustaining independent views.
• Good analytical thinking, problem-solving skills, and the ability to make reliable and objective judgments.
• Advanced oral and written command of English.
• Must be a strong team player.
• A passion for quality and continuous improvement of processes.

Qualifications: BS in Computer Science with 7 years of Experience

• Strong knowledge of and experience with IT systems, in particular IT security best practices.
• Knowledge of automated compliance testing and/or data analytics tools.
• Understanding of third-party risk management frameworks, including SSAE 18 and ISO 27036.
• Knowledge of identity governance solutions (SailPoint, Okta, etc.) from an audit/control perspective.
• Strong project management, analytical, organizational, and people skills.
• Self-motivated individual with the ability to meet project timelines.
• Excellent verbal and written communication skills, and demonstrate attention to detail.
• Be independent and thorough in examination and analysis.
• Results-oriented, with the ability to collaborate with different individuals across the organization and within other geographies.
• Strong organizational and time management skills.
• Resourceful, action-oriented, with the ability to get things done and overcome obstacles.

Qualifications: BS in Cybersecurity with 6 years of Experience

• IT internal audit, business process consulting, public accounting, or related experience.
• Strong knowledge of basic technology controls and management information systems terminology, concepts, and practices, and able to recognize significant IT control issues.
• Strong knowledge of Windows, web-based applications, and basic infrastructure and network technology.
• Strong oral and written communication skills.
• Strong analytical, negotiating, and presentation skills, and a proactive approach to problem-solving.
• Ability to maintain objectivity and an independent audit perspective.
• Ability to work independently with some supervision and complete assignments timely with sufficient attention to detail to ensure accuracy and thoroughness of coverage.
• A team player with the ability to develop working relationships and interface with all levels of Leadership.
• Hold a CIA, CPA, CISA, or CISSP.
• Experience working in a Big 4 accounting firm.
• Skilled with Visio, ACL, or SAP.

Qualifications: BS in Accounting Information Systems with 4 years of Experience

• Hold one or more of the following: CPA, CIA, CFSA, CISA, CISM, CRISC, CISA, CISM, or CRISC.
• Audit experience in the Financial Services industry or in a professional services firm serving financial service clients.
• Experience in information systems auditing, information systems risk management, or IT Sarbanes Oxley (SOX) testing experience, e.g., key reports, automated controls, IT general and application controls.
• Exposure to relevant industry frameworks (e.g., NIST cybersecurity framework).
• Able to effectively coach, mentor, and develop staff in areas of expertise.
• Self-starter, able to work independently and ensure work is completed to schedule and meets high-quality standards with a high level of attention to detail.
• Able to develop and maintain strong and effective working relationships with key business partners to deliver outstanding business impact and elevate Audit's value proposition.
• Demonstrate teamwork, collaboration, a positive attitude, and a high level of ethics.
• Possess a high level of understanding of audit theory and the ability to develop strong industry knowledge.
• Intermediate level with all Microsoft Office applications, including the ability to learn new and existing banking software.
• Able to handle company and client information and sensitive matters professionally and confidentially.
• Excellent communication and organizational skills with the ability to manage multiple priorities and meet established deadlines.

Qualifications: BS in Computer Science with 8 years of Experience

• Must possess or be in pursuit of a professional certification (e.g., CISA, CISSP).
• Experience in IT audit, IT consulting, IT SOX testing, or other general IT experience.
• Basic understanding of networking, cybersecurity, cloud security, data processing operations, applications, and general IT processes.
• Ability to translate technology issues into business risk and impact.
• Understanding of internal auditing standards, risk assessment practices, and appropriate testing of controls.
• Intermediate to advanced knowledge of Microsoft applications (Excel, Word, PowerPoint, etc.) to prepare correspondence and reports, as well as create and generate spreadsheets.
• Experience in working on multiple projects simultaneously, working with varying team members, and developing relationships with IT, finance, and operational management.
• High level of analytical, strategic, and technical thinking to apply internal auditing policies, procedures, and standards, as well as develop, tailor, and execute audit work programs.
• Strong verbal and written communication skills to effectively assist in presenting complex ideas to business management.
• Good conflict resolution abilities to manage disagreements during audits without escalation.
• Proactive mindset to identify opportunities for process improvements beyond audit scope.

Qualifications: BS in Data Analytics with 5 years of Experience

• Audit and advisory experience, preferably with a Big 4 or leading risk advisory/ public accounting firm.
• Experience in performing multiple full rounds of internal auditing and proficient with SOX regulations.
• Experience in performing Design and operating effectiveness tests of ITGCs, as well as application controls.
• Experience reviewing SOC Reports and auditing key reports for SOX compliance.
• Familiarity with tools such as ACL, SQL queries, and UNIX scripting.
• Experience in performing and reviewing the audit evidence, validating it for completeness and accuracy, and documenting the work papers.
• Good understanding of IT data center operations and a variety of technology platforms.
• Experience with SAP Security reviews of individual programs (SAP Security includes role maintenance activities, adherence with segregation of duties requirements, and supporting the current organization level design).
• Hold industry certifications such as CISA, CISSP, CISM, CEH, ISO 27001 LA, IA, etc.
• Ability to synthesize complex audit findings into actionable insights for executive decision-making.
• Strong facilitation skills to guide workshops and walkthroughs with business and IT stakeholders.

Qualifications: BS in Software Engineering with 7 years of Experience

• Progressive IT audit experience, general IT controls, and application-level controls.
• Banking/Financial Services experience.
• CISA, CISSP, CPA, CIA, or other related professional certification.
• Experience with auditing application/IT controls and their interplay with financial and operational processes to conclude achievement of overall environment control objectives.
• Ability to execute audit testing utilizing data extraction and visualization tools (e.g., SQL, Tableau, Alteryx).
• Strong knowledge of technology risks and controls, including information/cyber security, cloud environments, interface controls, transaction processing, change management, and IT Operations.
• Understanding of business and operational controls.
• Ability to design audit testing scenarios utilizing data analytics by working with financial audit, business, and IT.
• Executive-level reporting skills to distill complex audit results into key risk themes for the board.
• Good negotiation skills to align IT, finance, and operations teams on remediation priorities.
• Strategic foresight to anticipate how emerging technologies may reshape audit risk landscapes.
• Ability to mentor junior auditors in both IT audit techniques and financial process understanding.

Qualifications: BS in Computer Engineering with 9 years of Experience

• Solid understanding of internal control practices and the Institute of Internal Auditors' International Professional Practices Framework.
• Understanding of IT risks and controls.
• Excellent understanding of the Sarbanes-Oxley Act, frameworks (COSO, COBIT), and SEC guidance for management’s assessment of internal controls over financial reporting.
• Recent Sarbanes-Oxley and ITGC experience.
• Independent and adaptable team player with strong project management skills to comfortably lead and conduct multiple significant projects and tasks with quality, accuracy, and attention to detail.
• Strong critical thinking with sound judgment and decision-making skills.
• Self-motivated, positive, and professional attitude.
• Exceptional prioritization, organization, and time-management skills to consistently meet deadlines with quality deliverables in a fast-paced environment.
• Strong interpersonal skills (including oral and written communications) with the ability to lead all related interactions with various levels of the organization, including middle and senior management.
• Ability to interact well with internal and external parties on internal audit-related matters.
• Have the highest ethical standards.
• Personality, passion, purpose, poise, and pride.

Qualifications: BS in Information Systems Security with 6 years of Experience