he Horizontal IT Auditor will be part of Corporate Audit’s Horizontal IT team, which is responsible for horizontal application and infrastructure IT General Control processes and related risks. This role is responsible to perform the planning, assessment, testing and issue validation phases of audits covering Identity Access Management, Change Management, and Resiliency, as well as selected attestations globally.

The main objective of a horizontal audit is to provide management with a thematic, independent, objective assurance regarding the design and operating effectiveness of internal controls mitigating IT-related risks, across the organization.  Horizontal audits follow a collaborative approach, with other IT Audit teams jointly conducting vertical IT Infrastructure and Cyber Audits. The Horizontal IT Auditor will execute attestations around key risks and related application / infrastructure controls within horizontal audits.

Who we are looking for:

Are you a talented professional looking for a challenging and fulfilling opportunity to grow along with a global industry leader? Are you interested in identifying and helping to mitigate complex application and infrastructure risks? Do you want to be part of a global dynamic team that works hard, but has fun doing it? If so, then we may have the solution for you.

Why this role is important to us:

The team you will be joining plays an important role in the overall success of the organization. Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. To make that happen we need teams like yours to help navigate employees and the organization as a whole. In your role you will strive for cutting-edge solutions, that are straightforward and scalable. You will help us build resilience and execute day to day deliverables at our best. Join us if making your mark in the financial services industry from day one is a challenge you are up for.

What you will be responsible for:

As Horizontal IT Auditor - you will be:

• Independent advisors - advising management on risks related to strategic initiatives and process and systemic changes.

• Subject matter and controls experts - providing knowledge and experience in key risk areas

• Efficiency specialists - identifying inefficiencies in risk management and control design

• Problem-solving partners - looking ahead to help management envision future risks and opportunities

Do you love thinking analytically? Are you passionate about using your technical knowledge to navigate complex business, operational and technology challenges? As a key member of the team, you will:

• Work as part of an international team with global stakeholders in new and changing situations where there may not always be a readily apparent solution.
• Perform the planning, assessment, testing and issue validation phases of audits covering Identity Access Management, Change Management, and Resiliency, as well as selected attestations globally.
• Perform independent and objective assessments of risks and controls to improve risk management practices.
• Assess systems and supporting controls for compliance with laws, regulations, company policies and meet business needs.
• Recommend control improvements to mitigate key risks.
• Influence change and provide insights on business initiatives, including pre / post system implementations.
• Prepare audit work papers to ensure compliance with the division’s risk-based audit methodology.
• Have exposure to emerging technologies including crypto / blockchain
• Use your excellent writing skills to succinctly communicate complicated technical issues in business terms.

What we value:

• Ability to manage complexity, to effectively prioritize multiple tasks and work independently in non-routine situations.
• Professional curiosity and willingness to learn new technologies and processes.
• Strong analytical, interpersonal, organizational, research, and communication (verbal and written) skills
• Good understanding of the role of first, second and third line of defense.
• Currently hold one or more industry recognized certifications (e.g. CISA, CRISC, CISM, CISSP, Cloud+, etc.) and a willingness to continue to learn and grow.
• Fluency in English - written and spoken.

• IT Resilience / Data Replication / Disaster Recovery
• Identity and Access Management/Privileged Access Management/Adaptive Authentication Solutions
• IT Change Management
• IT incident and problem management
• Security Incident and Event Management (SIEM) Technologies
• Cyber Incident and response
• Enterprise security controls frameworks
• Cloud Security
• Financial services operational processes and technology
• Automated business process controls