Senior It Auditor

Description:

The role of the Senior IT Auditor, Assurance & Advisory is to deliver technology-focused audit assignments as part of a wider team to verify applications (including their development and support) and infrastructure, as well as ensuring this is effectively controlled and that risks are mitigated. You will be required to lead and participate in the planning and execution of audit assignments in line with the audit methodology, as well as produce findings and draft reports for presentations to Senior Management. The role will report directly to the Vice President of Internal Audit in Canada.

The successful candidate will play a key role in assisting the Senior Manager of Internal Audit grow and deepen the technology audit footprint (depth and breadth), and have the opportunity to help shape and build technology audit capabilities in Canada and across the Fidelity International group.

What You Will Do

Deliver technology-focused audit assignments to ensure applications, development/support processes, and infrastructure are effectively controlled and risks are mitigated.
Lead and participate in planning and execution of audits in line with the agile audit methodology.
Produce findings and draft reports for presentation to Senior Management.
Assess IT controls across applications, infrastructure, and development processes.
Plan and execute audit scope coverage, fieldwork and testing within the given timeframe.
Document audit testing using best practices and form conclusions based on the outcome of the testing, including the identification of areas in need of improvement, and assisting Technology in the development of an action plan.
Keep Internal Audit and stakeholders management fully informed of the progress of all assignments and following-up issues to ensure that all agreed improvements have been actioned.
Work alongside business auditors to deliver ‘integrated’ audits by testing specific IT general and application controls supporting business process.
Provide advisory type of services to stakeholders by quickly developing an understanding of management requests / projects, and providing real time feedback and recommendations to assist business mitigating risks.
Draft audit reports that provide a clear description of issues identified, related business impact, and proposed action plans/control enhancement opportunities.
Engage with stakeholders for the validation and timely closure of audit findings.
Perform business unit risk assessments, evaluate business initiatives, organizational and regulatory changes, and identify any audit gaps and control weaknesses within the information technology audit universe.
Work with business stakeholders to assess, identify risks, advise and consult on a wide variety of technology related topics, including but not limited to Cybersecurity; Cloud Computing; Data Governance and Architecture and Emerging Technologies
Cybersecurity
Cloud
Data Governance
Emerging Technologies
The Expertise You Bring

Deep understanding of IT audit methodologies and frameworks (e.g., COBIT, NIST, ISO).
Strong knowledge of application development, infrastructure, and IT operations.
 Expertise in technology risk and control frameworks.
 Ability to collaborate globally and influence technology audit strategy.
 Proven experience in IT audit, risk management, and control frameworks.
 Strong leadership and project management skills.
 Ability to contribute to shaping technology audit strategy and capabilities.
 Forward-thinking approach to emerging technology risks and audit trends.
Excellent communication skills to vocalize and communicate concisely and clearly articulate thoughts and ideas across all levels (written, verbal, presentation).
Identifies and acquires the necessary data to meet the use case objectives, and explores data to build foundational data knowledge in the subject domain, in partnership with data owners
Presents technical analyses in a meaningful and intuitive manner, in accordance with the target audience
Strong proficiency in developing applications using languages such as Python, Javascript or others with a focus on creating user-friendly interfaces
Expert knowledge and extensive experience related to technology controls and risks associated with products across asset management.
Strong knowledge of audit principles, frameworks and standards such as IIA, ISACA and NIST standards.
Outstanding oral and written communication skills and ability to communicate clearly and concise at all levels.
Strong client management, and problem-solving skills, and ability to respond effectively to changing business needs.
Ability to build strong relationships and influence senior stakeholders.
Excellent organizational skills and delivery focus with an ability to work to tight deadlines.
High energy, positive attitude and goal driven; ability to work effectively in a team while being flexible and adaptable.

What We're Looking For

5+ years of relevant work experience
University degree (BS/BA in accounting, computer science or other IT-related field) required, or equivalent work experience.
CISA/CISM or equivalent is required. CISSP or Security related certifications will be a plus.
Experience in leading IT application and infrastructure related audit engagement throughout an audit cycle from planning to reporting, preferably in financial services (i.e., asset management, brokerage).
Deep experience with most common operating systems (Windows, Linux, iOS, Android) and databases (Oracle, SQL as well as cloud-based database, i.e., Snowflake).
Experience with enterprise cloud infrastructures such as Amazon Web Services, Office 365, and Azure.
Sustained hands-on technical experience working in cybersecurity and ransomware.
Strong understanding of emerging technology (AI/ML).