Manager, IT Audit & Advisory

Job Description

Your New Role

WBD Internal Audit's vision is to accelerate innovation, efficiency and effectiveness when providing assurance, advisory services, and risk anticipation.

As the Corporate Technology Audit Manager, you will be responsible for executing and leading teams in the execution of technical assurance and advisory projects to drive value, impact, and influence across the organization with focus on the Corporate segment.
• Partner with key stakeholders (CIO, CISO, IT SLT, IT Compliance, ERM, etc.) to lead IT risk assessments and develop audit plans.
• Support plan and execution of concurrent IT and integrated audits and advisory projects, including reviews of cyber security, system controls, system development and implementation, technology infrastructure and specialized or emerging technologies.
• Identify and assess complex and emerging risks (both business and technological), and provide guidance to Business and IT management to mitigate these risks.
• Assess design and effectiveness of controls over application processes, physical and logical security, systems acquisition and development, system and network infrastructure, system architecture, organizational change, computer operations, and production support.
• Proactively drive innovation and efficiency through the practical use of analytics, robotics, and other groundbreaking tools to deliver accurate, efficient, and valuable insights to management.
• Develop an ongoing ''trusted advisor'' relationship with audit clients and Internal Audit business unit colleagues to ensure timely, consistent, and objective controls advice.

Your Role Accountabilities
• Align technology audits and advisory projects with the prioritization of enterprise risks and organization objectives to assess, manage, and optimize information technology risk across a wide range of areas, including cybersecurity, IT strategy and governance, IT Operations, IT regulatory and compliance, and business continuity and disaster recovery.
• Develop and maintain relationships with key business partners within the Corporate segment to stay abreast of relevant business developments and evolving IT risk areas to shape the long-term strategic plans of the IT audit organization.
• Lead and perform data driven risk-based audit assessments of key systems and applications within the Corporate business segment, drafting audit reports, and collaborating closely with and reporting to senior leaders on audit results and corrective actions.
• Manage a team of technical auditors (both internal and external) to audit across a large scale Corporate organization, performing risk and data analysis, delivering high quality audit reports, and communicating to senior leaders on results and corrective action.
• Fostering commitment, continuous learning, and collaborative interactions within an Agile audit team of audit professionals.
• Partner with business stakeholders to assess internal controls over IT to comply with legal and regulatory requirements, including privacy legislation and IT frameworks and standards such as COBIT, COSO, ISO, and SOX.
• Provide advisory services and formal assessments of system implementations and IT integration efforts to ensure proper controls are built into the design and configurations, including the overall project development lifecycle and testing process.
• Support the development of digital analytics and automation utilizing groundbreaking methodologies and automation tools as a core capability within the Internal Audit team.
• Exploit technology-enabled methodologies and innovation to deliver results with more accuracy, efficiency, and value.

Qualifications & Experience
• 7+ years of IT audit, or IT assurance and advisory experience, preferably with a Big 4 or leading risk advisory / public accounting firm
• 3+ years managing people or teams
• Deep audit, risk, and control experience in various technologies such as application control environments, cloud technologies, networking technologies, big data environment, data analytic technologies, operating systems, and database systems
• Experience assessing the design and implementation of internal control and enhancing automation related to system implementations
• IT risk and control advisory experience delivering insights using data analytics to influence and affect change. Partnering with all levels of senior leadership.
• Experience partnering with the second line of defense (SOX, SOC, PCI/DSS, ISO, etc.)
• BA/BS/MS in Technology, Information Systems, Management Information Systems, Accounting Information Systems, Computer Science, or related field of study.
• Professional audit or information security certifications preferred (CISA, CISSP, CISM, CRISC, SANS GIAC, etc.).
• SAP S4 Hana product suite experience desirable.
• Overall understanding of SAP and knowledge of SAP GRC Process Control or other similar compliance tools
• Hands-on skills or knowledge in various technology areas such as Information Security Topics (Identity and Access Management, Authentication Services, DevSecOps, Encryption etc.), Operating Systems (UNIX/Linux, Windows), Cloud Technologies (AWS), Cloud Tools, Big Data environment (Hadoop, Splunk, etc.), Networking Technologies (Software Defined Networking, Firewalls, Proxies, Routing etc.), Database Systems (Oracle, DB2, SQL Server).
• Robust knowledge of IT platforms, processes, systems and controls, including areas such as network security, logical access and change management controls at an infrastructure and application level, databases and systems maintenance etc.
• Strong understanding of cybersecurity risks, external trends, and coverage.
• Working knowledge or hands-on skills with various Programming/Scripting Languages (Python, PowerShell, Java, etc.), Audit testing tools, and Automation.
• Knowledge of data analytics development life cycle.
• Knowledge of agile audit principles and methodologies preferred.
• Understanding of IT & information security management frameworks and standards such as ISO, SANS, COBIT, ITIL, and regulations such as SOX, PCI Compliance, etc.
• High level of self-confidence, strong people and management skills and proven leadership ability, strong influencing skills preferred.
• Excellent written communication and presentation skills to articulate IT coverage to non-technical executives.
• Deep technical problem solving and data analytical skills.
• Strong customer focus; good listening, negotiation, and problem-resolution skills
• Experience interacting with all levels of management.
• Must maintain a continuous improvement mindset and focus on automation opportunities to drive efficiencies and reduce costs.
• Must have the ability to work in a highly collaborative, team-oriented environment.
• Understanding of the media industry.
• Self-starter with the motivation to learn new tools and technology, and keep up with industry developments.

Jobcode: Reference SBJ-gk7owp-216-73-216-174-42 in your application.