IT Audit Infrastructure, Assistant Vice President

at  State Street Corporation

WHO WE ARE LOOKING FOR

We are looking for an IT Audit Infrastructure, Assistant Vice President within State Street’s Corporate Audit Division to lead audit engagements focused on Information Technology within the Global Technology Services (GTS) Business Unit. GTS is a key enabler to achieving State Street’s vision to be a technology-led innovator, a leading enterprise outsourcing partner, and a resilient platform for our investors. GTS aims to deliver innovative product and platform capabilities, a resilient and scalable technology platform, and continuous productivity to enable State Street to win across each of its client segments. In this role, under the direction of senior Corporate Audit management, you will oversee individual audit engagement and lead assigned teams through all aspects of the audit (e.g., planning, assessments, testing and reporting). You will also play a critical role in the ongoing development of Corporate Audit staff and support various Division initiatives. This role is based out of Toronto, Canada, or Boston, Massachusetts in US.

EDUCATION & PREFERRED QUALIFICATIONS

• University degree in Information Systems, Computer Science, or related field; or, an advanced degree in Information Technology, Cyber Security, or Systems Engineering preferred.
• Preferred professional certification(s): CISA, CISSP, CRISC, CISM.
• 5+ years’ experience executing or auditing the following technology-related areas:
• Financial services operational processes and technology
• Automated business process controls
• Enterprise security controls frameworks
• Enterprise application development models (i.e., waterfall, rapid prototyping, agile)
• IT asset Management
• Lifecycle Management
• Technology Governance
• Identity and Access Management / Privileged Access Management / Adaptive Authentication Solutions
• Resiliency and Business Continuity Management
• Cloud Solutions (SaaS, PaaS, IaaS)
• Data Loss Prevention technologies and support processes
• Vulnerability Scanning and Penetration Testing
• Perimeter / Internal Security Technologies (Firewalls, Intrusion Detection, and Prevention Systems)
• Network Segmentation and Separation Solutions
• Platform and Configuration Hardening Practices
• Threat Intelligence and Insider Threat Detection
• Security Incident and Event Management (SIEM) Technologies
• Cyber Incident and Response
• Data protection (GDPR)

ADDITIONAL REQUIREMENTS

While majority of the time you will work from your primary location, some domestic and international travel may be required to a variety of locations where State Street operates.

ARE YOU THE RIGHT CANDIDATE? YES!

We truly believe in the power that comes from the diverse backgrounds and experiences our employees bring with them. Although each vacancy details what we are looking for, we don’t necessarily need you to fulfil all of them when applying. If you like change and innovation, seek to see the bigger picture, make data driven decisions and are a good team player, you could be a great fit.

WHY THIS ROLE IS IMPORTANT TO US

The team you will be joining plays an important role in the overall success of the organization. Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability; regulators rely upon us to provide assurance that the bank operates in a manner that is compliant with key banking regulations to properly manage risks to the company and the global financial systems. To make that happen we need teams like yours to help navigate employees and the organization as a whole. In your role, you will help us build resilience and execute day to day deliverables at our best. Join us if making your mark in the financial services industry from day one is a challenge you are up for.

WHAT YOU WILL BE RESPONSIBLE FOR

As an Infrastructure IT Auditor, Assistant Vice President you will:

• Plan, oversee, and execute audits according to the Division’s risk-based audit methodology, other internal standards and industry practices.
• Supervise and direct the execution of risk and control assessments, along with the effective and efficient testing of key controls.
• Review audit workpapers to ensure execution in line with internal standards and that conclusions are properly supported.
• Draft audit reports that clearly communicate overall conclusion, including: key risks, identified issues and their root cause, and impact on overall business strategy.
• Work in partnership with business area management to communicate expectations and manage any project issues that may arise during the audit engagement.
• Escalate potential and identified issues to senior management timely and work with business management to develop and negotiate solutions.
• Develop and maintain a thorough understanding of assigned areas of responsibility, including key technology, products, organizational activities, regulatory environment and global footprint.
• Establish and maintain strong and effective client relationships with business management across the lines of defense and assist management in understanding and implementing / maintaining internal control principles.
• Contribute to change initiatives through active participation in working groups and adoption of practices in day-to-day responsibilities.
• Coach and mentor audit staff as part of their ongoing development.

These skills will help you succeed in this role

• A high degree of professionalism with proven history of providing effective leadership to diverse teams.
• The ability to manage complexity, effectively prioritize multiple tasks and work independently in non-routine situations and in a fast-paced environment.
• Excellent analytical, problem resolving, communication (written and verbal), interpersonal, organizational and presentation skills.
• Demonstrated ability to synthesize understanding of business processes into value added feedback on risk and control environment.
• Proven ability to research, interpret and apply regulatory requirements.
• Fluency in English, both written and spoken