Remote Manager, Internal IT Audit - Data Management

Job Description

Develop and execute comprehensive internal audit plans for IT security and IT business applications, aligned with industry best practices and regulatory requirements (SOX, etc.).

Lead and manage a team of internal auditors in conducting risk assessments, control testing, and IT-related audits.

Identify, evaluate, and report on IT security vulnerabilities and control weaknesses.

Develop and implement recommendations for improving IT security posture and IT controls.

Partner with IT management to remediate identified control deficiencies and security vulnerabilities.

Stay current on emerging IT security threats and best practices.

Communicate effectively with senior management and the Board of Directors regarding IT security and control risks.

Contribute to internal audit planning and scoping processes

Data collection and review

Interviews with key personnel

Observations of data management practices

Analysis of findings and identification of gaps or weaknesses

Reporting and recommendations for improvement

Preparation of working papers, memos, draft reports in accordance with IA methodologies

Data management internal audit experience. Topics including :

1.Data governance : Review of data ownership, accountability, data labeling and data classification.

2.Data quality : Assessment of data accuracy, completeness, and consistency.

3.Data security : Evaluation of access controls, encryption, and incident response plans

4.Data privacy : Review of personal data handling practices and compliance with regulations like GDPR and CCPA.

5.Data retention and disposal : Assessment of data archiving and deletion processes.

6.Data backups and recovery : Evaluation of backup procedures and disaster recovery plans.

7.Data management policies and procedures : Review of documentation and adherence to established protocols.

8.Data inventory and classification : Assessment of data categorization and handling practices

9.Data sharing and collaboration : Evaluation of data sharing agreements and interorganizational data exchange.

10.Compliance with regulations and standards : Review of adherence to relevant laws, regulations, and industry standards (, HIPAA, PCI-DSS, ISO 27001).

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day.

We are an equal opportunity / affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances.

If you need assistance and / or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy : .

Required Skills & Experience

8+ years of experience in internal auditing, with a minimum of 3 years focused on Data Management (Data Privacy, Data Quality, Data Security, Data Governance etc)

Experience working in Internal Audit at a Large Financial Institution (as either consulting or internal employee)

Knowledge of Governance, Risk, and Compliance (GRC) technologies.

Excellent communication, interpersonal, and leadership skills.

2+ Years of Audit People Management and Leadership Experience

Nice to Have Skills & Experience

Strong understanding of IT security frameworks (, NIST CSF).

Certified Information System Auditor (CISA)

In-depth knowledge of internal controls over financial reporting (SOX). Experience with SOX readiness assessments and compliance.

Proven experience in leading and managing internal audit teams.

Certifications : Certified Internal Auditor (CIA) , Certified Public Accountant (CPA),

Experience with Enterprise Risk Management (ERM) a plus.

Familiarity with vendor risk management best practices.

Understanding of SOC 1, 2, and 3 reporting frameworks.

Expertise in information security for internet, intranet, wireless, and cloud applications.

Experience with internal business process and IT audit methodologies, including risk and control assessments

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching.

Employees in this role are also entitled to paid sick leave and / or other paid time off as provided by applicable law.