Audit Project Manager - CIO

at  US Bank National Association

At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.

JOB DESCRIPTION

U.S. Bank Corporate Audit Services (CAS) is seeking a strong candidate to join our growing team of audit professionals within our Technology and Operations Services Team as a Senior Audit Project Manager.
This role will align to the Technology Services Audit team which provides global audit coverage for multiple technology organizations within USB and is responsible for auditing the core Technology processes (e.g., application functionality testing, application development, change management, vendor management, interface controls, logical access controls, and input/processing/output controls, and business continuity), and related risks and controls within Technology Services. Chief Information Office collaborates with business partners (Consumer and Business Banking, Wealth Management and Investment Services, Corporate and Commercial Banking, Payment Services) as well as Risk and Corporate Support Functions but not limited to, Infrastructure, Technology Transformation, Enterprise Architecture and Engineering, Data and Digital Technology infrastructure, including emerging technologies. The Technology Services Audit Team also drives thematic, horizontal reviews focused on cloud, data, and emerging technologies.

PREFERRED SKILLS/EXPERIENCE

• Knowledge of IT application and general controls is required. Some working knowledge of Cloud (PaaS, IaaS, etc.), Application Programming Interface (APIs), Micro Services, Middleware, databases, and DevOps is preferred
• Experience leading multiple audits concurrently and executing all stages of audit successfully
• Experience validating audit and regulatory issues within agreed-upon timeframes
• Proven track record of adapting to a fast-paced environment and effective multi-tasking, being able to manage multiple projects simultaneously
• Critical thinking and problem-solving skills
• Participate in engagement team for assurance engagements involving platforms (AWS Cloud, etc.) and critical software assets across the technology space, as well as advisory engagements consulting on critical technology initiatives
• Advanced understanding of the business line’s operations, products/services, systems, and associated risks/controls
• Assess the adequacy of the control environment, identify control gaps and opportunities for continuous improvement based on relevant knowledge and experience
• Ensure delivery of the highest quality reports and value-add recommendations and insights
• Stay current on industry trends and technology related to Cloud, Networking, and Security
• Advanced knowledge of applicable laws, regulations, financial services, and regulatory trends that impact their assigned line of business
• Advanced knowledge of Risk/Compliance/Audit competencies and ability to execute an assignment entirely independently
• Strong process facilitation, project management, and analytical skills
• Must possess business acumen and credibility to help business line(s) proactively identify and address changing workforce needs
• Motivated individual with excellent presentation, interpersonal, written, and verbal communication skills
• Proficient computer navigation skills using a variety of software packages, including Microsoft Office applications and word processing, spreadsheets, databases, and presentations
• Experience with major cloud service provider (AWS, GCP, Azure)
• Understanding of Cloud Security Alliance’s Cloud Control Matrix
• Understanding of IAAS technologies hosted on public cloud deployments
• Understanding of DevSecOps and CICD pipeline processes
• Applicable professional certifications preferred (e.g., CISSP, CCSP, CSAK, CCSK, CAMS)

PRIMARY RESPONSIBILITIES

• Lead complex audit projects that are horizontal in nature and supervise staff in the completion of audit engagements with minimal supervision from managers, however there are no direct reports
• Monitor progress of audit engagements against plan and schedule, assess work performed by the audit engagement team, and
• Provide coaching and on-the-job training for team members to ensure engagements are completed in conformance with internal audit policies and procedures
• Work as a subject matter expert in a particular topic, helping drive strategy, and may support multiple audit engagements covering the related topics
• Handle complex tasks autonomously and is able to influence business line understanding of risk mitigation
• Partner with their assigned Line of Business, other Risk/Compliance/Audit (RCA) professionals, and RCA Managers to, depending on their function, create, implement, maintain, review or oversee an effective risk management framework.
• Participate in projects and/or activities that ensure compliance with applicable federal, state and local laws and regulations.
• Identify gaps and inform solutions that minimize losses resulting from inadequate internal processes, systems or human errors.
• Identify, respond and/or escalate risks as appropriate
• Help support third line assurance efforts relating to a large-scale cloud migration and ongoing support subsequent to the migration.

Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That’s why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following (some may vary based on role, location or hours):

• Healthcare (medical, dental, vision)
• Basic term and optional term life insurance
• Short-term and long-term disability
• Pregnancy disability and parental leave
• 401(k) and employer-funded retirement plan
• Paid vacation (from two to five weeks depending on salary grade and tenure)
• Up to 11 paid holiday opportunities
• Adoption assistance
• Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by la