Lead IT Auditor

To lead the planning and execution of complex IT, information security, and integrated audits. Act as Auditor-In-Charge on audits, provide guidance and direction to Internal Audit staff, and participate in Internal Audit initiatives.

Play a role in promoting partnership, trust, and accountability within our organization and building deeper relationships with our audit stakeholders.

• Plan, conduct, and lead the most complex and high-risk IT and / or integrated audits in accordance with Navy Federal and industry audit standards
• Analyze and assess Navy Federal's technological infrastructure to ensure processes and systems run accurately and efficiently, while remaining secure and meeting compliance regulations
• Develop risk-based audit programs including objectives, scope, and test plans
• Provide guidance, coaching, and direction to Internal Audit staff regarding Navy Federal practices and industry standards.

Coach auditors to apply critical thinking skills by seeking to understand and execute assigned control testing and document results according to professional and internal standards

• Act as Auditor-in-Charge managing multiple audits at the same time
• Identify and pursue opportunities to leverage data analytics and technology to drive deeper risk coverage and insights to business partners
• Review and analyze audit evidence and results of testing to determine and document design and operating effectiveness of controls.
• Identify, quantify, and communicate issues and provide risk-based recommendations to implement and enhance internal controls to management in a timely manner
• Review audit workpapers to confirm that relevant information was obtained, analyzed, and evaluated to support audit observations / issues and conclusions
• Lead coordination efforts with points of contact and first / second lines of defense to conduct preliminary research, lead process walkthroughs, document process narratives and workflows, identify key risks and controls, and obtain audit evidence for testing
• Work collaboratively with other departments and stakeholders to provide insights and recommendations for improvement.
• Partner with business areas to ensure adequate remediation plans are developed and implemented
• Draft high-quality, well-written, and timely audit reports for senior management, the President / CEO, and the Supervisory Committee
• Manage audit timelines to ensure the timely reporting of identified risks and issues; report delays and issues in overall audit to management and lead resolution of audit project issues
• Participate in Internal Audit strategic initiatives and act as a champion of change and continuous improvement
• Stay abreast of and ensure compliance with applicable federal, state and industry laws, regulations, and guidelines
• Perform other duties as assigned
• Minimum five years of experience in IT and audit, or a combination of the two
• Advanced knowledge of IT infrastructure and cybersecurity best practices
• Advanced knowledge of control concepts and practices and risk-based auditing techniques
• Expert knowledge of IT Risk, General Controls, Information Security Frameworks and best practices
• Expert knowledge of technology and financial systems risk assessments and documentation
• Experience as an Auditor-in-Charge over IT / integrated audits
• Significant experience managing multiple priorities independently and operating well in a team environment to achieve goals
• Advanced interpersonal and communication skills, including experience working with all levels of staff, management, stakeholders, and vendors
• Significant experience in collaborating across organizational boundaries and building partnerships across various functions
• Advanced interpersonal and communication skills, including experience working with all levels of staff, management, stakeholders, and vendors
• Advanced skill to influence, negotiate & persuade to reach agreeable exchange & positive outcomes
• Advanced skill presenting findings, conclusions, alternatives, and information clearly and concisely
• Expert organizational, planning and time management skills
• Advanced word processing and spreadsheet software skills
• Expert critical thinking, analytical, and problem-solving skills
• Bachelor’s degree or the equivalent combination of experience, education, and training

Desired Qualifications

• IT Certifications CompTIA A+, Network+, Security +, CISA, CRISC, CISSP or GIAC Security Essentials (GSEC) Certification
• Master’s degree in Cybersecurity, Information Technology, or related field

Hours : Monday - Friday, 8 : 00AM - 4 : 30PM

Locations : 820 Follin Ln. Vienna, Virginia 22180 141 Security Drive Winchester, VA 22602 5550 Heritage Oaks Dr. Pensacola, FL 32526