Senior audit manager- cyber security

Nuagem inc - Varennes, QC (4 months ago)

Apply Now

Job description
Under the direction of the audit Director, the Senior Audit Manager is accountable to support the Enterprise and the assigned Business/Corporate Group in maintaining effective management processes and system of internal control. An affective audit function provides vital assurance to the Board of Directors and senior management as to the quality of the internal control system and in so doing helps reduce the risk of loss and reputational damage to the Company.

The function is instrumental in identifying ongoing unacceptable / high-risk circumstances which could lead to material impact on profitability or reputation. The Senior Audit Manager is responsible for the conduct of audit engagements which critically assess management and internal control processes, assists in determining the nature, extent and timing of the audit, its effective execution and the formulation of insightful audit reports which provides clear, concise and memorable insights on issues and possible issues which will assist management in fulfilling its responsibilities.

Supporting Corporate Audit leadership in management of a strong internal audit practice, demonstrating a high performance culture. Contributing through direct actions to the Division’s stature and independence within the Enterprise.Assisting staff in the management of their careers and realization of their professional goals.

Key Dimensions of Capability:
  • Proactively identify changing strategies, tactics, risks and initiatives continuously following the appropriate audit and investigative services with the appropriate focus.
  • Providing fair and balanced insights into current, emerging and potential issues, trends and opportunities that will enhance efficiency and effectiveness of management and the enabling control processes.
  • Drive positive change in the Enterprise based upon high quality work, thoughtful in its preparation and direction.
  • Leading a workforce that is knowledgeable about our business and specialized within their audit field, understanding the external market, thinking about the efficiency and effectiveness of management and control processes, being seen as highly credible and using their ingenuity to add value.
  • Continually advance the Professional practice.
Specific Responsibilities:
  • Proactively identify changing strategies, tactics, risks and initiatives continuously following the appropriate audit and investigative services with the appropriate focus.
  • Meet with key client management periodically to identify changing tactics, initiatives and consider and advise in the implications for the nature and intended timing of audit plans and procedures.
  • Execute Cyber Security audits in full recognition of the risks of the client group which encompass the inherent risks, control risks and internal/external environment and regulatory risks. This may encompass individual “unit” audits and broad “end to end” audits of Enterprise level functions/processes.
  • Provide input to the Director and Assistant Chief Auditor in the development of an annual audit plan which is well aligned to client strategies and tactical and Enterprise appropriate areas of focus based upon the business and operating risks of the unit. A measure of success is that the plan is supported by the Assistant Chief Auditor, Chief Auditor and Audit Committee.
  • Providing fair and balanced insights into current, emerging and potential issues, trends and opportunities that will enhance efficiency and effectiveness of management and the enabling control processes.
  • Support the Director in the development of audit reports which provide a fair and balanced assessment of management and control processes based upon critical assessment of the effectiveness of management and internal control processes. Such reports will be clear, concise and timely in their delivery, being seen by readers to be an objective assessment of management/control processes.
  • Support the Director in the development and review with clients of periodic summary reports, providing insights which relay information and learnings from audit and other Division information resources, related communications, market insights and research and regulatory learnings which will assist client groups in evaluating their strategies, tactics and risks and providing a basis to adjust where ever appropriate.
  • Support the Director in the development of specific and, where appropriate, broad communications which identify, revenue and cost management opportunities for business units/groups which will assist in achieving their business goals including profitability.
  • Demonstrate good judgment within assigned audit engagements. Support the Director in critically evaluating client business strategies, policy and standards providing meaningful insights based upon knowledge and research which will continue to improve the Enterprise management and control processes.
  • Develop and maintain strong working relations with key clients at the senior management levels.
  • Provide timely and insightful support to Directors, Assistant Chief Auditors and Chief Auditor in the preparations of Audit Committee reports including state of current management activities, potential and emerging issues, and areas of potential focus.
  • Develop and maintain strong working relationships with managers in corporate areas that offer valuable interaction exchange opportunities that can enhance audit execution and alignment with their strategies/tactics.
  • Drive positive change in the Enterprise based upon high quality work, thoughtful in its preparation and direction.
  • Maintain a good level of knowledge of the industry of the client group, the regulatory and broad economic environment availing the client of the knowledge in the development of their strategic and tactical plans and operations.
  • Ensure that audits for which the role is responsible are conducted effectively and efficiently to the high standards set out by the Division, outcomes of which are confirmed through the Division’s Quality Assurance Program and/or regulatory examination results.
  • Ensure that the work of subordinates is well executed in accordance with the standards set out by the Division and that their judgments are sound, well documented and repeatable.
  • Provide oversight to staff where assigned during the execution of audits ensuring that conduct is professional and consistent with professional standards.
  • Ensure that the audit work and that of supervised staff is conducted with integrity and objectivity.
  • Ensure open and effective lines of communication are maintained with the client management/representatives throughout the audit process from initial planning to report distribution and follow-up. Clients should feel engaged, well informed and satisfied that their views of risk have been considered. Clients should not be “surprised”.
  • Efficiently define and execute projects as may be assigned supporting the Division and/or leading to a client-based report.
  • Leading a workforce that is knowledgeable about our business and specialized within their audit field, understanding the external market, thinking about the efficiency and effectiveness of management and control processes, being seen as highly credible and using their ingenuity to add value.
  • When supervising staff, direct staff in a manner consistent with the goals/objectives of the Division and the Enterprise, contributing to the Division’s culture.
  • Provide periodic assessment of performance of all staff for which they are responsible. Recognize the appropriate value of timing of rewards.
  • Support continual focus on maintaining a high performing work team consistent with a “strong” audit function through coaching and interaction with staff.
  • Continue to advance the capabilities of their staff.
  • Be and be seen as a knowledge “go to” person in business, client and audit technical matters keeping current on new thinking/practices.
  • Effectively manage conflict when it arises with clients and with colleagues and staff.
  • Support the culture within CAD as it continues to evolve, while demonstrating alignment of messaging and actions to staff and clients.
  • Continually advance the professional practice.
  • Be and be seen as knowledgeable with specific technical competencies.
  • Support the Director and Assistant Chief Auditor in maintaining an effective centre of competency, which is the central point of reference on a specific subject area, the determination point for the Division’s views, and practices on the topic. In so doing, the individual will ensure that programs are maintained which are practical and aligned to the Division’s needs, actions in the conveyance of knowledge and emerging/potential issues related to the competency.
  • Support advancement of the Division’s overall functioning by ensuring that practices and methodology applications are maintained at the high quality level expected of a strong internal audit practice.
Qualifications:
  • Undergraduate degree or equivalent with 5-10 years of direct relevant experience in an audit function or business/corporate function.
  • Minimum of 3-5 cumulative years of experience in conducting IT Infrastructure and Cyber Security related audits/assessments/reviews.
  • Professional designations/certifications (GIAC, CCSK, CIA, CISA, CRISC, CISSP or other relevant IT designation) with related experience would be preferred.
  • Strong knowledge of NIST Cyber Security framework or other related frameworks.
  • Experience in leveraging data analysis tools and techniques to assess IT/Cyber risk to apply to audit engagements
  • Good knowledge of trends and best practices in cyber security, internal control, business processes and security tools.
  • Leads a team of internal audit professionals to plan and execute multiple audits by working closely with the Audit Director.
Skills:
  • Proactive self-starter with the ability to manage and meet deadlines.
  • Excellent interpersonal skills; ability to collaborate, influence, resolve conflict and network effectively.
  • High level of planning and organizing skills with the ability to manage multiple competing priorities.
  • Working level leadership and managerial skills.
  • Working level negotiation, influencing and conflict resolution skills.
  • Good analytical and system thinking skills.
  • Working experience with the use of data analysis tools such as ACL or MS Access/Excel to support audits along with general software programming skills would be an asset.
  • Strategic and tactical thinking capabilities.
Please send your CV to: sdorval@nuagem.ca