Manager, Internal Audit Information Technology & Security
What You'll Do
This role will manage independent assessments of OCC's Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for defining the proper scope, approach, and quality are integrated into each audit and that regulatory, operational, and strategic risks are sufficiently mitigated by Management. This role will also be required to present recommendations for improvements to the Internal Audit Leadership and finding owners. In addition, as a manager you will own the coaching of your direct reports, developing their skills and supporting their career development.
Primary Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
Responsibilities will be aligned, but not limited, to four pillars:
Aid in the development of the risk assessment and comprehensive audit plan on an annual basis.
Lead multiple audits and validations simultaneously.
Defining and leading the execution of audit projects in accordance with the annual audit plan.
Owning the audit quality, accuracy of results, and delivery in a timely manner.
Leading audits related to organization changes including business requirements definitions, technology implementations (e.g., changes to the supported business processes), engagement and alignment of change initiatives to business objectives.
Ability to clearly articulate professional principles and standards (e.g., AICPA, IIA IPPF, COBIT, NIST CSF) and the relevancy to risk management and impact on policies and procedures. In addition, leveraging these principles and standards to test and evaluate corporate risk management processes and controls.
Maintaining an understanding of policies, procedures, standards, and supporting technologies, and educating staff accordingly, to effectively identify potential risks and alternatives to mitigate risk exposure leveraging leading practices.
Keeping current on leading practices and emerging risks within the financial services industry and making recommendations for improvements as necessary.
Serving as a liaison with external parties and regulators to facilitate timely and efficient external reviews, knowledge transfer, and controls and process education.
Supporting other department-wide activities such as but not limited to peer reviews of audit deliverables, policy and procedure development and refinement, etc.
Lead and implement strategic initiatives related to new audit programs/processes, technology or other initiatives.
Planning, leading and reporting for risk-based and special request audit assignments.
Proactively identifying regulatory, operational, and/or strategic risks to the organization and deliver recommendations for improvements to senior leadership.
Developing and maintaining effective relationships with business groups and leadership and partnering with management.
Effectively lead audit staff, providing direction, clearly defined performance expectations, coaching and feedback, and recognition/motivation.
Providing oversight and coaching to the team, both internal and/or co-sourced resources, confirming the delivery, quality and auditee experience.
Manage a team
The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
Qualifications & Experience will be required, but not limited, to:
Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions.
Strong problem solving and analytical capabilities.
Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports.
Ability to work independently or as part of a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion.
Experience working in a complex, fast paced environment.
Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA).
[Preferred] Consulting and/or accounting firm experience.
[Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI).
[Required] Microsoft Office applications
[Required] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software
[Required] Familiarity with security tools such as: CyberArk, Splunk, SailPoint
[Required] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub
[Preferred] Familiarity with databases such as: Oracle, DB2, SQL
[Preferred] Familiarity with cloud based solutions: AWS, Azure, Oracle Cloud, Workday
Education and/or Experience:
[Required] Bachelor’s degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field.
[Required] 5+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
Certificates or Licenses:
[One of these required] Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certification in Risk Management Assurance (CRMA), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), or equivalent.
Who We Are
The Options Clearing Corporation (OCC) is the largest equity derivatives organization in the world. We provide central counterparty clearing and settlement services for equity options, futures, options on futures, and securities lending transactions. We serve approximately 115 clearing members and 15 exchanges including CBOE, Nasdaq, and NYSE.
What We Offer
We offer a highly collaborative and supportive environment developed to encourage work-life balance and employee wellness. Some of these components include:
A hybrid work environment
Up to 2 days per week of remote work
Tuition Reimbursement to support your continued education
Student Loan Repayment Assistance
Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
Generous PTO and Parental leave
Competitive health benefits including medical, dental and vision
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
You will receive an email notification to confirm that we've received your application.
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
OCC is an Equal Opportunity Employer
- Dallas, TX
- Full Time Regular
- Posted: Oct. 31, 2023
How to Apply
Step 1 - When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.
Step 2 - You will receive an email notification to confirm that we've received your application.
Step 3 - If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.
OCC is an Equal Opportunity Employer
Numerous studies have shown that people from groups that are traditionally under-represented in financial services apply to jobs only if they believe they meet 100% of the requirements. We want to break down this mindset to further diversify our workforce.
We encourage you to review our open positions and apply if you think your experience may be a match, even if you do not meet all of the qualifications. Your perspective may be an element we need to continue building innovative solutions to support the markets and market participants we serve.
OCC is a globally recognized entity that clears a multitude of diverse and sophisticated products. We want to reflect this in the diversity of our workforce.