BNY Mellon Careers
Technology Audit Director
BNY Mellon seeks an accomplished professional who has demonstrated expertise and leadership abilities in covering Application Technologies. The Application Technology Global Audit Director will work closely with the Heads of the Business Audit teams as well as the regionally-based Technology Audit leads in EMEA and APAC to develop and execute a comprehensive risk-based audit plan that provides independent review of key technology controls across the Firm. A majority of the audit work will be related to providing support for the business integrated audits that are executed regionally or globally. Based in New York, this role will report to the Global Head of Technology Audit, also based in New York.
The candidate will play a leading role within the global technology audit team and will be expected to contribute significantly to the development of the risk-based Application Technology audit strategy, periodic review of the Audit plan and related goals for BNY Mellon’s Internal audit function, including identifying and evaluating areas, operations and projects requiring audits. Specific responsibilities include:
· Oversee execution and delivery of a number of technology-specific audits and technology aspects of business-integrated audits, providing management oversight and senior level stakeholder engagement.
· Directs the performance of audit assignments (and reviews), including planning, execution, and completion of all audit objectives. Identify significant risks within each operation under review and ensure audit procedures developed are appropriate to address the risks. Approve scope, personnel assignments, timing of engagement, review of work papers, staff evaluations, etc.
· Effective resource manages the Application Technology team so that audits are sufficiently staffed and deadlines are met with minimal project overages.
· Directs the staff on assessing risk, establishing project scope, audit program design and execution of control design and operating effectiveness tests.
· Effectively manages assigned audit staff on projects as well as those administratively assigned to execute the audit.
· Effectively performs all HR-related company processes such as Performance Management, mentoring, development planning, organizational structure, etc.
· Provide timely and candid feedback and coaching to staff.
· Supports team in meeting the 40-hour training.
· Responsible for the quality of the audit group's work and the implementation of divisional initiatives and goals. Responsible to drive continuous improvement initiatives and is a consulting partner providing strategic advice on emerging risks, control themes, and both broad and specific solutions to problems.
· Manages the relationship with external auditors as well as with regulators, meeting with the key stakeholder regularly.
· Attends key governance committees as non-voting member, and provides input from a risk and control perspective.
· Ensures the technology audit approach adequately addresses any support needed by external auditors for execution of SOC 1 reporting, as well as helping to drive an approach to future needed SOC 2 reporting.
· Act as a change agent to improve process efficiency, accuracy and accountability across the organization
QualificationsSkills and Experience:
- Ability to operate in a fast-paced, dynamic environment
- Strong understanding of application development processes and common application paradigms such as web-based, cloud-based and API (Application Program Interface) focused systems, Robotics, etc..
- Experience in a technology audit or related controls function
- •Financial services experience is preferable.
- Undergraduate or graduate degree in management information systems or a technology field is preferred. BA/BS is required
- Strong project management, organizational skills and presentation skills
- Experience managing teams of skilled professionals – ability to recruit and maintain a high-performing team
- Excellent communication (verbal, written, and listening) and interpersonal skills; strong writing skills, particularly as related to audit reports and management presentations
- Ability to develop and maintain effective working relationships with executive management and external regulators
- Understanding of best practice control frameworks such as CoBIT, OWASP, ISO, ITIL and COSO
- Professional certifications such as CISA or CISM, or a secure application development certification such as CSSLP or GSSP, is preferable.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans.
Primary Location: United States-New York-New York
Internal Jobcode: 85008
Organization: Audit Technology-HR07992
Requisition Number: 1809951