IT Auditor

Job description

Poste et missions

The Associate/VP IT Auditor for the CIB Americas Platform is responsible for conducting risk-focused IT audits to ensure adherence to bank standards, regulatory guidelines (primarily FRB, NYDFS, and ECB), and industry best practices (mainly FFIEC, COBIT, and ISACA). This role includes evaluating the effectiveness of the IT governance framework in overseeing systems and their integration with business strategies. Additionally, the IT Auditor will identify, monitor, and mitigate IT security risks. The position may also involve participation in generalist audits, such as Vendor Management, Funds Transfer activities, Sanctions screening, and performing data analytics testing.

Key Responsibilities:

·  Support IT audits and the IT components of audits across business lines, support functions, and the control environment.
·  Assist Mission Managers throughout the audit lifecycle: pre-diagnosis, diagnosis (testing), and closure.
·  Examine IT controls, risks, and processes to identify weaknesses and areas for improvement.
·  Evaluate the design and operating effectiveness of the internal control framework and ensure compliance with relevant regulations and industry standards.
·  Assess the robustness of processes and identify opportunities to optimize them (not limited to IT-related processes).
·  Formulate opinions on the organization, governance, processes, and risks of the audited entity or activity.
·  Develop risk-based recommendations for improvements, escalating as appropriate.
·  Document audit procedures, findings, and reports in accordance with Natixis CIB Audit Guidelines, regulatory requirements, and industry best practices.
·  Perform validation testing to confirm the effective implementation and sustained operation of audit recommendations.
·  Liaise with local regulatory examiners and present audit findings to senior management and/or regulators as needed.

 

The salary range for this position will be between $140,000 - 180,000. Natixis is required by law to include a reasonable estimate of the compensation range for this role. Actual base salary will vary and will be based on several factors including, but not limited to, relevant experience, education, skills set, applicable licensure and certifications, and other business and organizational needs. Base salary is only one component of our total rewards package. Natixis also offers a generous benefits package, and you may be eligible for a discretionary incentive award depending on company and individual performance.

Profil et compétences requises

BA/BS from an accredited university/college
Familiarity with internal audit techniques.
Strong understanding of, or demonstrated interest in, IT processes, cybersecurity, IT risk management, and IT governance frameworks.
Knowledge of risk-based IT audits of systems, applications, and infrastructure, including the identification of security risks and vulnerabilities.
Understanding of risks and controls related to CIB activities (front-to-back processes or support functions).
Familiarity with relevant regulatory requirements (e.g., FRB, NYDFS, ECB) and industry standards (e.g., IIA, FFIEC, ISACA, COBIT).
Proficient data analytics skills, including proficiency in Excel for handling large datasets.
Exceptional diligence in documenting testing processes and related workpapers.
Preferred (but not required):
Experience in Big 4 firms or consulting.
Audit or IT-related certifications (e.g., CIA, CISA, CISM, CISSP).
Proficiency in Python or Business Intelligence tools.