Audit Manager - IT (Data Focus)

The Opportunity

Our dedicated Audit Manager - IT , leads and executes complex technology and information / cyber security (IT / IS) audit engagements throughout the audit lifecycle, to include understanding of horizontal and vertical business impacts, integrating audits with IT, analytics, and projects and reviewing work papers.

Creates and independently performs complex work assignments and problem resolution in support of risk-based assurance and advisory IT / IS engagements.

Leverages results from engagements and continuous monitoring activities to assist Audit Leadership in updating risk assessments.

Adheres to the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing (Standards) and Code of Ethics.

We offer a flexible work environment that requires an individual to be in the office 4 days per week. This position can be based in one of the following locations : San Antonio, TX;

Plano, TX; Tampa FL; Phoenix, AZ or Charlotte, NC. Relocation assistance is not available for this position.

What you'll do :

Primarily serves as Auditor-in-Charge (AIC) and main point of contact for the business through IT / IS Audit engagements.

Leads and executes complex IT / IS audit engagements throughout the audit lifecycle and leads continuous monitoring and advisory activities, special reviews, and investigations.

Manages day to day engagement-related efforts and assignments of Audit team members with varying degrees of expertise and experience when conducting engagements as the Auditor-in-Charge (AIC).

Develops and independently updates IT / IS risk and control matrix at the engagement level for each engagement.

Performs detailed review of work by team members; providing feedback / questions and completes audit team end of engagement evaluations when applicable.

Ensures engagements are completed objectively, professionally, and in accordance with corporate and industry audit standards.

Makes recommendations for severity ratings to Senior IT Audit Manager and Director.

Identifies control weaknesses and opportunities for improvement in the current operating environment and provides recommendations for corrective action;

drafts the related audit issues and audit reports for issuance to respective client leadership.

Communicates effectively with the business / clients and delivers risk-based and difficult messages regarding issues and control weaknesses to ensure proper risk assurance coverage.

Provides day to day coaching guidance and on the job training to team members to ensure development, quality, and timely audit engagement deliverables.

What you have :

Bachelor’s degree; four additional years of related experience beyond minimum required may be substituted in lieu of a degree.

6 years of audit or controls experience in a financial services or technology / information security environment.

2 years audit experience in the technology and / or information security (IT / IS) areas.

Experience performing internal audits, external audits, or applying audit, risk, or compliance acumen in a complex operational and regulatory environment.

Working knowledge of IT / IS controls in areas to include Technology infrastructure management and platforms (e.g., mainframe, midrange, distributed), Network architecture and security (e.

g., network segmentation, firewalls, proxies, encryption protocols, endpoint protection).

Knowledge of internal audit principles to examine, analyze, assess, and draw conclusions from audit work and present findings to multiple audiences.

Demonstrated experience effectively communicating and challenging IT / IS Controls with business partners and leaders.

Understanding of IT / IS risks and internal controls and the ability to evaluate and determine adequacy and efficiency of controls.

Experience mentoring and providing feedback to team members.

Demonstrated experience in highly dynamic environment and ability to deal with competing priorities.

Knowledge of specific industry frameworks and standards to include COBIT, NIST 800-53, NIST CSF, CRI Profile, OWASP, STIGs, CIS Benchmarks, ISO 27001 / 2, SOC 2, PCI DSS, ITIL, and FFIEC booklets (e.

g., information security, business continuity, etc.).

Experience with compliance requirements including GDPR, GLBA, and CCPA.

Knowledge of large financial services regulations (e.g., Office of the Comptroller of Currency’s Heightened Standards and Federal Reserve Board’s Large Financial Institution Rating System).

What sets you apart :

Experience in Sensitive Data Management, including audit data classification, data protection methods (encryption, tokenization, etc.

and data discovery / remediation.

Experience in Data Lineage and Mapping, including auditing data lineage, capable of tracing and mapping the data lifecycle from its origin to consumption.

Experience in Data Quality Assessments, including knowledge of conducting data quality assessments to uphold the accuracy, completeness, and reliability of critical data.

The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.

What we offer :

Compensation : USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive.

You are paid within the salary range based on your experience and market data of the position. The actual salary for this role may vary by location.

The salary range for this position is : $120,550 - $230,400 . Employees may be eligible for pay incentives based on overall corporate and individual performance and at the discretion of the USAA Board of Directors.

Benefits : At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness.

These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs.

Additionally, our career path planning and continuing education assists employees with their professional goals.