B

Audit Manager - IT Risk Management

Bank of America
Full-time
On-site
Wilmington, United States

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Description:

As a member of the Corporate Audit – IT Risk Management Audit Team, the Audit Manager will lead audit engagements and guide junior team members.  They will provide independent analysis of control effectiveness based on regulatory requirements, industry best-practices, and company policies & standards. The Audit Manager will demonstrate strategic thinking and supports change. They will execute audit testing that is done timely and within conformance to audit policies, standards, and procedures. This job is responsible for overseeing assigned areas of audit work acting as an Auditor-in-Charge (AIC) and executing on the audit strategy for Lines of Business (LOBs).

Key responsibilities include driving risk-based auditing by defining scope and test procedures to evaluate the control environment in conformance with audit policies, assessing issues for business impact and recommending severity ratings.  Audit Manager will be expected to draft quality and timely audit reports, as well as demonstrate the ability to communicate results with Management. Additionally, will manage Technology partner relationships when conducting specific audits; exercise critical thinking and judgment to effectively influence management to mitigate risk and strengthen the control environment.

When leading an audit engagement, is responsible for timely delivery of the end-to-end review, including day-to-day coaching, quality testing and workpaper documentation, mentoring, and performance feedback. Assesses issues for impact to business processes, controls, and strategies, recommends severity ratings and escalation of broad themes or trends. Provides input into audit reports and engages with stakeholders in the completion of audit work. Exercises critical thinking and judgment to effectively influence management to improve the control environment. Fosters an inclusive work environment.

Responsibilities:

  • Executes audit strategy for the sound application of risk-based auditing by defining audit scope and audit programs, and drafting audit reports leveraging automation and innovative methods in a timely and high-quality manner.
  • Acts as Auditor-in-Charge (AIC) by overseeing audit testing and ensuring it is executed in a timely manner and conforms with quality standards, audit policies, and procedures. Provides day-to-day mentoring and guidance and fosters an inclusive work environment.
  • Maintains business partner relationships, primarily with line management, to develop business knowledge. Assesses impacts to business processes, controls, and strategies to provide recommendations on severity ratings and escalate broad themes or trends accordingly based on existing business knowledge.
  • Exercises sound knowledge of product, business, and technical expertise to effectively challenge management to improve the control environment.
  • Perform audits and issue validations of technology systems and data.
  • Responsible for conducting relevant technology testing (e.g., key automated business controls), IT general controls, data management controls, and other IT controls as indicated in COBIT.
  • Leverage available data and analytical tools during the planning, fieldwork, and reporting phases of audit delivery.
  • Communicate the results of audit projects to management (written reports/oral presentations). Establish and build working relationships with internal and external management.
  • Effective influence skills to communicating findings. This individual must be an articulate and effective communicator, both verbally and in writing.
  • Strong interpersonal skills for interfacing with all levels of internal and external audit and management.
  • Ability to juggle multiple work efforts and to quickly change direction.
  • Exercises intellectual curiosity and judgment to effectively influence and challenge management to improve the control environment and drive continuous improvements on audit.

Skills:

  • Analytical Thinking
  • Audit Planning
  • Internal Audit Review
  • Issue Management
  • Risk Management
  • Business Acumen
  • Coaching
  • Project Management
  • Relationship Building
  • Written Communications
  • Attention to Detail
  • Automation
  • Critical Thinking
  • Technical Documentation

Required Qualifications:

  • Bachelor’s degree OR equivalent work experience; Audit, Risk or Compliance experience in large financial institution (minimum of 8 years).
  • Displays intellectual curiosity, critical thinking, and ability to connect the dots across business and technology risks and controls.
  • Sound organizational, analytical, communication skills, and work paper documentation.
  • Proactive, takes initiative to solve problems, resourceful, and self-driven.

Desired Qualifications:

  • Knowledge and proficiency in testing data quality controls (e.g., completeness, accuracy, and timeliness) and performing data traceability using tools and techniques, such as SQL, Alteryx, Python, etc.
  • Knowledge of enterprise data management policies and standards, regulatory requirement interpretation, and regulatory reporting processes (e.g., NFRR, FRR)
  • Knowledge of enterprise application and change management policies and standards
  • Experience with Third Party Risk

Shift:

1st shift (United States of America)

Hours Per Week: 

40