Audit Manager- Cybersecurity

at  BMO Financial Group

100 King Street West Toronto Ontario,M5X 1A1
We are looking for a new team member to conduct IT Cyber Audit engagements which critically assess management and internal control processes, approving the nature, extent and timing of the audit, its execution and the formulation of an insightful audit reports which provide clear, concise and memorable insights on issues and possible issues which will assist management in fulfilling its responsibilities. This work provides vital assurance to the Board of Directors and senior management as to the quality of the internal control system and in so doing helps reduce the risk of loss and reputational damage to the Company. This work is instrumental in identifying unacceptable/high risk circumstances that could lead to material impact on profitability or reputation. Provides independent assurance on the quality and effectiveness of internal control, risk management, and governance systems and processes to support senior management and the Board in protecting BMO and its reputation.

Responsibilities:

• This is an individual contributor role and does not involve the direct management of team members.
• Acts as a trusted advisor to assigned business/group.
• Influences and negotiates to achieve business objectives.
• Identifies emerging issues and trends to inform decision-making.
• Provides critical input to Chief Auditor/Assistant Chief Auditor on the practical aspects of the audit and its execution.
• Helps to develop annual audit plan.
• Provides input into Corporate Audit processes identifying opportunities to simplify.
• Executes audits in full recognition of the risks of the group that encompass the inherent risks, control risks and internal/external environment and regulatory risks. This may encompass individual audits and broader capstone audits of Enterprise level functions/processes.
• Conducts advisory engagements and other engagements as required.
• Determines impact of changing strategies, tactics, risks and initiatives on audit, advisory and investigative services.
• Identifies and evaluates the impact of new and emerging technology and technology risk on the organizations processes and control environment.
• Utilizes data analytics in advisory engagements to improve quality and efficiencies.
• Develops an awareness of business strategies, policies and standards providing meaningful insights based upon knowledge and research which will continue to improve the Enterprise management and control processes.
• Maintains the independence of the audit practice and its personnel.
• Develops insightful discussion points contributing to audit reports that provides fair and balanced assessment of governance, risk and control processes based on audit work performed. Deliverables must be objective, clear, concise and timely.
• Identifies control deficiencies and provides a fair and balanced assessment of their magnitude.
• Maintains working knowledge of the industry, regulatory, broad economic environment, and internal environment, as to the development of new strategies and plans, opportunities and risk, to obtain an understanding of the control environment.
• Ensures that all audit procedures executed are conducted in accordance to Corporate Audit Methodology as confirmed by its Quality Assurance program and/or regulatory examination results.
• Applies sound judgement in the execution of the assigned work and ensures open lines of communication.
• Develops and maintains good working relations with key stakeholders.
• Actively monitors change management initiatives and identifies potential risks.
• Actively participates and supports Corporate Audit change initiatives.
• Maintains and enhances professional audit qualifications in line with industry standards.
• Focus is primarily on business/group within BMO; may have broader, enterprise-wide focus.
• Provides specialized consulting, analytical and technical support.
• Exercises judgment to identify, diagnose, and solve problems within given rules.
• Works independently and regularly handles non-routine situations.
• Broader work or accountabilities may be assigned as needed.

Requirements:

• Typically between 5+ years of relevant experience and post-secondary degree in related field of study or an equivalent combination of education and experience.
• IT Audit or technology focused cyber security experience required and financial services and consulting background a plus.
• Professional designations or business designation such as CISA, CIA or other technology focused certifications.
• Deep knowledge and technical proficiency gained through extensive education and business experience.
• Strong verbal & written communication skills.
• Collaboration & team skills - In-depth.
• Analytical and problem solving skills - In-depth.
• Influence skills - In-depth.
• Data driven decision making - In-depth.
• Required 2 days a week in the Toronto office.

• This is an individual contributor role and does not involve the direct management of team members.
• Acts as a trusted advisor to assigned business/group.
• Influences and negotiates to achieve business objectives.
• Identifies emerging issues and trends to inform decision-making.
• Provides critical input to Chief Auditor/Assistant Chief Auditor on the practical aspects of the audit and its execution.
• Helps to develop annual audit plan.
• Provides input into Corporate Audit processes identifying opportunities to simplify.
• Executes audits in full recognition of the risks of the group that encompass the inherent risks, control risks and internal/external environment and regulatory risks. This may encompass individual audits and broader capstone audits of Enterprise level functions/processes.
• Conducts advisory engagements and other engagements as required.
• Determines impact of changing strategies, tactics, risks and initiatives on audit, advisory and investigative services.
• Identifies and evaluates the impact of new and emerging technology and technology risk on the organizations processes and control environment.
• Utilizes data analytics in advisory engagements to improve quality and efficiencies.
• Develops an awareness of business strategies, policies and standards providing meaningful insights based upon knowledge and research which will continue to improve the Enterprise management and control processes.
• Maintains the independence of the audit practice and its personnel.
• Develops insightful discussion points contributing to audit reports that provides fair and balanced assessment of governance, risk and control processes based on audit work performed. Deliverables must be objective, clear, concise and timely.
• Identifies control deficiencies and provides a fair and balanced assessment of their magnitude.
• Maintains working knowledge of the industry, regulatory, broad economic environment, and internal environment, as to the development of new strategies and plans, opportunities and risk, to obtain an understanding of the control environment.
• Ensures that all audit procedures executed are conducted in accordance to Corporate Audit Methodology as confirmed by its Quality Assurance program and/or regulatory examination results.
• Applies sound judgement in the execution of the assigned work and ensures open lines of communication.
• Develops and maintains good working relations with key stakeholders.
• Actively monitors change management initiatives and identifies potential risks.
• Actively participates and supports Corporate Audit change initiatives.
• Maintains and enhances professional audit qualifications in line with industry standards.
• Focus is primarily on business/group within BMO; may have broader, enterprise-wide focus.
• Provides specialized consulting, analytical and technical support.
• Exercises judgment to identify, diagnose, and solve problems within given rules.
• Works independently and regularly handles non-routine situations.
• Broader work or accountabilities may be assigned as needed