Overview

Are you ready to lead a dynamic team and make a significant impact? As the Manager of IT Audit - Core IT Audits! You'll have a unique opportunity to grow, learn, and provide assurance over a fast-paced IT environment undergoing a digital transformation and modernization efforts, ensuring our IT infrastructure is robust and secure. Come join us and be at the forefront of innovation and excellence!

To plan, direct and manage the Internal Audit (IA) Information Technology (IT) Core IT Audit Program, including, but not limited to, Information Security, Identity and Access Management (IAM), Cloud, Application Programming Interface (API) Audits; lead and conduct complex IT, information security and continuous audits; and provide technical IT expertise to team members while supporting wide-ranging IA initiatives.

Facilitate and support IT audit and examination activities of external auditors and NCUA examiners. Oversee IA programming and data extraction efforts and advise Operational Audits that have an IT impact. Ensure compliance with federal and state regulations and established internal policies and procedures. Administer Internal Audit systems and applications.

This position is eligible for the TalentQuest employee referral program. If an employee referred you for this job, please apply using the system-generated link that was sent to you.

Responsibilities

• Lead, oversee and conduct the most complex IT and information security audits to ensure accordance with Navy Federal and industry audit standards

• Lead consulting engagements in performing vulnerability assessments and penetration testing to IT infrastructure

• Manage third party consultants; including preparing requirements, RFPs, vendor selection, SOW, rules of engagement and coordinating with Information Security and Information Services

• Plan annual Information Technology and Information Security audits for the organization based on business needs and by assessing emerging risk, including cloud and vendor services, new technology and projects

• Align division plans with corporate level plans to ensure seamless and integrated approach to implementation of findings

• Ensure the auditor-in-charge defines expectations (controls analysis) for each audit project including audit objectives, initial planning activities, key contacts, and scope of project

• Oversee progress of IT audit projects and intercede as needed when difficulties/roadblocks are encountered

• Review and evaluate audit reports to ensure that findings and recommendations are reasonable, effective and prepared in accordance with Internal Audit Standards

• Obtain post-audit feedback from senior management to ensure findings are appropriately addressed and resolved within the timeframes requested

• Manage the closure of remediated IT findings

• Consult with key strategic partners to achieve goals and facilitate team building, issue escalation, and consensus to further IT audit objectives Page 2 of 3

• Develop programs, databases, and systems for IA improved efficiency and use, including implementation of continuous auditing techniques

• Identify changes in regulatory practices and keep informed of industry and environmental trends related to IA issues and communicate information to senior management and staff

• Consult on projects related to the development and improvement of systems, products and procedures and provide advice on structure, controls and solutions when requested.

• Drive change management and process improvement efforts through collaboration and analysis of department objectives

• Represent the department, acting on behalf of department leadership, as liaison and spokesperson to Navy Federal committees, other Departments and senior management regarding all areas of IT and Information Security, including periodic presentations and report updates to Supervisory Committee

• Manage the development of data extracts to support external auditors, year-end financial audits, Member confirmation notices, and support requests of employee activity for Human Resources and Security

• Ensure external auditors and examiners are satisfied with audit procedures and audit findings

• Manage Internal Audit staff to include responding to Computer Assisted Audit Techniques, administration and programming of Auto Audit system and Internal Audit databases

• Lead audit system upgrade projects, working with IT technical and vendor resources

• Perform other duties as assigned

Qualifications

• Extensive experience in IT and Information Security Risk Management and Internal Controls concepts and practices

• Extensive experience as Auditor-in-Charge of complex, IT and integrated audits

• Extensive knowledge of IT/operational analysis which includes expertise in analyzing effectiveness and accuracy of complex financial matters and risk-based auditing techniques

• Expert knowledge of the internal audit function and processes, preferably in a financial institution

• Expert knowledge of Internal Controls concepts and practices and risk-based auditing techniques

• Extensive experience supervising and leading professional employees

• Extensive experience managing multi-dimensional teams and projects of great complexity, risk and impact which involve organization, holding strategy and status meetings, planning, motivating and managing the work of participants

• Expert experience demonstrating thought-leadership, initiative-taking, decision-making and creativity solving business problems

• Extensive experience in creating, generating and maintaining data, reports, queries, etc.

• Extensive experience working with all levels of staff, management, stakeholders, vendors

• Expert skill in results-oriented leadership in a challenging environment

• Expert skill presenting to stakeholders & management

• Expert skill building effective relationships through rapport, trust, diplomacy and tact

• Expert analytical thinking skills to include summarizing information and clearly identifying key elements, patterns, results or relationships

• Expert skill presenting findings, conclusions, alternatives and information clearly and concisely

• Expert skill to influence, negotiate and & persuade to reach agreeable exchange & positive outcomes

• Bachelor's degree or related field, or the equivalent combination of experience, education and training

Desired Qualifications

• Experience with credit union financials and/or regulations

• Working knowledge of NFCU products, services, programs, policies and procedures

• Certified Internal Auditor (CIA)

• Certification as or candidate for CISA, CISSP or CCSP

• Cloud experience, including Oracle, Azure, Pega, MS Dynamics. GCP, AWS

• Cloud certifications – AZ-900 (Fundamentals), AZ-500 (Security Engineer), AWS Cloud Practitioner, AWS Solutions Architect Associate/Expert, AWS Security Speciality, GCP Digital Leader, GCP Professional Cloud Architect, GCP Professional Security Engineer

• Master's degree or related field, or the equivalent combination of experience, education and training

Hours: Monday - Friday, 8:00AM - 4:30PM hybrid 3x/week

Locations: 820 Follin Lane Vienna, Virginia 22180 | 5550 Heritage Oaks Dr. Pensacola, FL 32526

About Us

Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks.

Our approach to careers is simple yet powerful: Make our mission your passion.

• Best Companies for Latinos to Work for 2024

• Computerworld® Best Places to Work in IT

• Forbes® 2024 America's Best Large Employers

• Forbes® 2024 America's Best Employers for New Grads

• Forbes® 2024 America's Best Employers for Tech Workers

• Fortune Best Workplaces for Millennials™ 2024

• Fortune Best Workplaces for Women ™ 2024

• Fortune 100 Best Companies to Work For® 2024

• Military Times 2024 Best for Vets Employers

• Newsweek Most Loved Workplaces

• 2024 PEOPLE® Companies That Care

• Ripplematch Recruiting Choice Award

• Yello and WayUp Top 100 Internship Programs

From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.

Equal Employment Opportunity: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected Veteran.

Hybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.

Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position

Bank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

REQNUMBER: 24093