Description:
The Assistant Vice President, IT Audit is responsible for the leadership and execution of risk-based internal audits across Business Groups CIO application portfolio and technology in Canada, the United States, and Asia.
This role provides independent assurance and advisory support over applications, data, digital delivery, and enabling platforms. The scope is broad and considers both first and second line activities and also includes support for integrated business audits with significant technology scope.
You will lead a global team of 15 IT auditors with 2 direct reports, with resources across North America and Asia.
What will you do?
The scope of responsibilities includes the delivery of all IT audit work, audit plan development and coverage, IT audit universe risk assessments to ensure the adequacy of audit coverage of key risks. It also includes relationship management with senior leaders in the business and across Internal Audit, and management of the global, geographically dispersed audit team.
- Develop and maintain a risk-based IT audit plan. Plan and direct audits and special engagements following Internal Audit methodology; deliver audit reports and findings that clearly articulate the position of risks and issues.
- Provide subject matter expertise as it relates to IT processes to other Internal Audit teams during integrated audits.
- Contribute to the evolution of Internal Audit strategy and delivery, with a forward-looking focus on digital transformation, use of AI and data analytics, and innovation.
- Identify areas of emerging and heighten technology risks impaction the organization, particularly within the CIO-owned domains. Actively stay engaged in latest technologies, regulations, and IT trends.
- Lead clear, high-impact discussions of audit results, risk themes, and control gaps with executive stakeholders.
- Build trusted relationships with senior management, influencing improvements in risk management and control effectiveness.
- Lead the global geographically dispersed audit team across four locations in Canada, the U.S. and Asia with a focus on building and maintaining a high-performing team including the recruitment, administration, development, and retention of staff through strong leadership and coaching.
What do you need to succeed?
Technical & Professional Expertise
- In depth knowledge of audit methodologies, control frameworks, SDLC including Agile, and technology risk management practices.
- Proficient in cyber security risk and control frameworks, and information risk management frameworks.
- In depth knowledge of the latest technology and security trends, best practices, and industry standards.
- Strong working knowledge of risks affecting insurance industry and financial institutions.
- Proven ability to leverage AI and data analytics to expand audit coverage and insight.
Leadership & Influence
- Exceptional communication and listening skills with the ability to convey messages clearly, concisely, and effectively in verbal and written formats.
- Confident presenter and facilitator with strong interpersonal and leadership skills to facilitate working with senior management at all levels.
- Superior influencer and negotiator with ability to effectively manage and resolve conflicts across all levels of management.
- Professional presence, ability to build strong relationships with senior leaders in the business and across Internal Audit.
- Applies critical and strategic thinking to assess risks and controls, identify issues, and maintain attention to detail while considering the broader organizational context.
- Excellent organizational skills, flexibility, and the ability to manage multiple priorities and engagements concurrently.
- Demonstrated ability to effectively lead global teams across multiple geographies, with a strong emphasis on collaboration, inclusion, and consistent audit quality.
Required Education And Experience
- 10+ years of leadership experience in IT, IT Audit and/or IT Risk functions.
- University degree in related disciplines (such as IT, Engineering, Computer Science, Business), plus recognized auditing (e.g. CISA, CIA) and security (e.g. CISSP, CISM, CEH) designations.
- Previous people management experience required with demonstrated employee engagement results.
- This role is expected to work in a hybrid environment (virtual and in the office). Occasional travel to locations in Asia or North America will be needed.