The Internal Audit IT Manager plays a critical role in assessing the design and effectiveness of technology controls across the credit union. This position leads and executes complex IT audits, with a focus on cybersecurity, infrastructure, business continuity/disaster recovery (BC/DR), data governance, artificial intelligence (AI), and digital initiatives. This role will ensure that IT risks are properly identified, assessed, and mitigated in alignment with regulatory requirements, industry frameworks, and organizational goals.
• IT Audit Management
- Oversee and manage the planning, execution, and reporting of audits and advisory reviews covering cybersecurity controls, infrastructure and network security, business continuity and disaster recovery (BC/DR), data governance and system development lifecycle management, emerging technologies, including AI and digital platforms
- Oversee documentation, workpapers, and reports to ensure they are accurate, complete, and comply with the Global IIA Standards
- Ensure audit coverage aligns with the institution’s IT risk landscape and regulatory requirements.
- Implement processes and procedures to comply with the Global IIA Standards
- Promptly involve stakeholders and the SVP Internal Audit/CAE when issue(s) arise
- Create and manage the budget and resource allocation for the department
• Risk Assessment & Strategy
- Plays an integral role in the risk-based audit plan, by contributing to the risk assessment methodology, overseeing the risk-based audit plan results
- Identifies and assesses risks and adjusts the risk-based audit plan as needed, evaluating proper coverage of critical areas and risks
- Assign and manage resources to effectively execute the audit plan
- Manage the audit plan and communicate adjustments timely and accurately
- Present and communicate findings, root cause analysis, and actionable recommendations to stakeholders
- Leverage audit results and data trends to advise management on areas of strategic concern
- Create and execute internal strategic objectives that support the overall internal audit functions’ mission and vision
- Stay current with IT regulations, industry trends, and frameworks, such as FFIEC, CIS, NIST and other relevant guidance
- Coordinate with IT operations, security, digital, and external agencies as needed.
• Stakeholder Engagement
- Effectively communicate with internal departments, external auditors, regulatory bodies, and other stakeholders
- Communicate audit findings, risks, and recommendations clearly to senior leadership and to the Supervisory Committee.
- Build strong partnerships and collaborate with business and technology leaders to understand associated risks and to align audit coverage
• Team Leadership & Development
- Supervise, coach, and develop a team of auditors on audits and integrated IT audits
- Support the development and implementation of IT audit methodologies and tools
- Foster a culture of collaboration, integrity, accountability, and continuous learning and improvement
- Coordinate, direct, and support the appropriate education, certification, and training of staff in support of the department and division’s objectives
- Complete performance appraisals for supervised audit staff, set established goals, and review established goals consistently
- Promote a culture of integrity, accountability, professionalism, and ethical conduct
- Maintain certifications and fulfill annual CPE requirements
Education:
• Bachelor’s degree in Information Systems, Computer Science, or related field (required)
• Advanced degree or specialized Master’s degree preferred
Certifications:
• CISA, CISSP, CISM, CRISC, CIA or equivalent
Experience:
• 8+ years’ experience of internal/external audit, information systems, information technology, cybersecurity, risk, or other relevant area. Public accounting experience a plus
• 3+ years’ experience in a leadership or management role
• Robust understanding of IT control frameworks such as NIST,COBIT, CIS CSF
• Credit Union or financial institution experience in IT operations, cybersecurity, digital operations, or risk management, preferred
Skills/Abilities:
• Ability to understand complex IT environments
• Extensive knowledge of cybersecurity, SDLC best practices, IT general controls, database platforms, network architecture, operating systems, third-party/vendor risks, AI risk governance, digital transformation initiatives, and cloud platforms• Expertise in audit methodologies, internal control frameworks (e.g., COSO), and regulatory requirements (e.g., FDIC, OCC, CFPB)
• Strong written and verbal communication skills, including experience reporting to executives and boards
• Self-starter, highly motivated, organized, and detail oriented
• Professional in appearance and attitude
• Strong interpersonal skills and excellent team player
• Demonstrates curiosity, analytics skills and problem solving
• Proficient Microsoft Office skills. Ability to operate related computer applications and software required to complete assigned responsibilities
• Ability to work well independently with limited daily supervision while meeting deadlines
• Ability to navigate through ambiguity, manage and coordinate multiple projects simultaneously, accept ownership and accountability for projects and decisions, and deliver on commitments
Requirements/Knowledge:
• Thorough knowledge of credit union IT, security, and digital environment
• Proficient in Microsoft Office products
• Strong understanding of IT frameworks
• Demonstrate strong business acumen, problem-solving and analytical skills
• Travel may be required
Software Powered by iCIMS
www.icims.com