IT Audit Manager

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world. Internal Audit contributes to the company through the execution of high quality audit services, which help our clients pro-actively manage risks in their business. The Audit Manager (Information Technology) is a specialist role within IA and reports to the Director - IT Audit for Sun Life. **What will you do?** - Understand the company’s technology strategy, operations and regulatory environment to proactively identify areas of emerging and heightened risk related to technology that affect the company. Reach agreement with management about the risks affecting the technology unit; develop risk management objectives and audit programs to evaluate these risks. - Assess technology that is new to the company or the market, such as cloud computing, mobile technology and high performance computing programs, and their related support models to provide assurance that key risks are managed while introducing new capabilities for our customers. - Develop testing strategies and report on company initiatives related to key risks such as cyber security, information protection and disaster recovery. - Manage multiple simultaneous projects within time budgets and target dates, reporting any timing problems or budget over-runs to Director or AVP. Lead audit staff assisting on projects and review completed files to ensure quality of work completed. - Manage audit projects to cover key risks and produce meaningful audit reports that clearly articulate the position on risks and related issues, while meeting Audit Services operational targets related to budget, timeline and quality of execution. - Develop and implement a strategy to gain ongoing assurance over information services through automated methods. Identify opportunities to automate testing using toolsets deployed internally (CAAT and analytical tools) or through the assessment of other monitoring/analytic tools available on the market. - Perform an inherent risk assessment of assigned audit units, annually. Define and propose changes for information services audit units, maintain record of risks, key activities, systems and processes for sub audit units. Draft and maintain coverage strategy for sub audit units. Provide recommendations and ideas into the development of the IS audit plan. - Perform assessments of information services processes new to the company. - Act as a relationship manager between Audit Services and information services management to proactively understand emerging and developing risk areas. - Participate in the annual SOX / MAR regulatory audits **What do you need to succeed?** - Bachelor’s degree, plus an auditing / accounting designation (CMA, CA, CPA) with an interest in technology / IT or a recognized IT audit / security (CISA, CIA, CISM, CISSP) designation, with at least 5 years of relevant experience. - Experience working in a client-facing, matrix, project-based organization; typically gained through prior audit, advisory, consulting, or public accounting experience in a "Big Four" firm or other large organization. - Working knowledge of financial institution processes, including those relating specifically to group functions such as Finance, Treasury, Communications, Compliance, HR, Wealth Management and Investments is an asset. - Proven managerial skills with progressive experience in leadership and professional development. - Ability to quickly comprehend business processes and identify the risk implications, to analyze complex situations, to reach appropriate conclusions, and make value-added and practical recommendations. - In depth knowledge of audit methodologies, project management and system development methodologies, control frameworks and risk management practices, and regulatory requirements. - Good working knowledge of financial services operations. - Proven track record for developing and carrying out plans to deliver quality results on time and within budget. - Proven relationship management skills including a demonstrated ability to deal effectively with staff of all levels including functional VPs and AVPs. **Knowledge and Skills** - A strong technical background is required with advanced, preferably hands-on knowledge, in 5 or more of the following Technology Infrastructure areas: - Information Security: Governance; Access Administration; Incident & Vulnerability Management; Internal & External Threat Management; Security policies, stan