Michael Page
Senior Manager, IT Audit
Michael Page, Tampa, Florida, us, 33646
The Senior Manager, IT Audit will have full responsibility for defining and managing the audit universe, plans, coverage, and strategy, while evaluating and providing guidance on the remediation of issues related to cybersecurity and infrastructure controls. In addition, the Senior Manager, IT Audit will ensure that audit activities, strategies, and initiatives are aligned with regulatory standards and internal policies. This role is critical as the Senior Manager, IT Audit will contribute to achieving individual, team, and departmental goals, ensuring the execution of key initiatives that support the broader audit objectives and strategies.
Client Details
Leading global financial services company
Description
Audit Planning and Strategy : Develop and implement audit plans that focus on cybersecurity and infrastructure controls, ensuring comprehensive coverage of all critical systems, processes, and technologies.
Risk Assessment : Assess the cybersecurity risk landscape, infrastructure vulnerabilities, and the effectiveness of existing controls to identify areas requiring attention, and prioritize audit activities based on risk.
Cybersecurity Controls Evaluation : Lead the evaluation of cybersecurity frameworks, policies, and procedures to ensure they meet regulatory requirements, industry best practices, and internal standards.
Infrastructure Assessment : Conduct audits of IT infrastructure, including networks, servers, cloud environments, and data centers, to evaluate the robustness of security measures, scalability, and operational efficiency.
Incident and Remediation Oversight : Monitor and evaluate the remediation of identified cybersecurity issues and infrastructure vulnerabilities, ensuring that corrective actions are implemented in a timely and effective manner.
Regulatory Compliance : Ensure audit activities are in line with relevant cybersecurity regulations and internal compliance standards, providing recommendations for compliance improvements where needed.
Collaboration with IT & Security Teams : Work closely with IT, security, and infrastructure teams to understand emerging risks, assess control effectiveness, and advise on improvements to security and operational practices.
Audit Reporting : Prepare detailed audit reports on cybersecurity and infrastructure findings, providing clear insights and recommendations to senior leadership and relevant stakeholders.
Continuous Improvement : Stay current on evolving cybersecurity threats, infrastructure trends, and regulatory changes, and incorporate these into audit strategies to ensure the organization is prepared for future risks.
Team Leadership and Development : Lead, mentor, and develop a team of IT audit professionals specializing in cybersecurity and infrastructure, fostering a culture of continuous learning and growth within the audit department.
Executive Liaison : Provide strategic input and expert advice to senior management on cybersecurity and infrastructure-related risks, assisting in the development of risk mitigation strategies and long-term infrastructure planning.
Profile Educational Background : Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (Master's preferred).
Professional Certifications : Certified Information Systems Auditor (CISA). Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP). Certified in Risk and Information Systems Control (CRISC) or other relevant certifications.
Experience : 7+ years of experience in IT audit, with a focus on cybersecurity and infrastructure. Proven experience in managing and executing audits related to cybersecurity frameworks, IT governance, risk management, and regulatory compliance. Experience working in financial services, banking, or a highly regulated industry is preferred.
Technical Knowledge : Strong understanding of IT infrastructure, including networks, servers, cloud environments, databases, and data centers. Expertise in cybersecurity frameworks (e.g., NIST, ISO 27001, CIS), risk management, and incident response. In-depth knowledge of key cybersecurity technologies (e.g., firewalls, encryption, intrusion detection systems, vulnerability management).
Audit and Risk Management : Extensive experience in planning and executing IT audits with a focus on identifying risks related to cybersecurity and infrastructure. Strong understanding of regulatory and compliance requirements (e.g., GDPR, SOX, HIPAA, PCI DSS). Ability to assess and evaluate the effectiveness of controls and identify areas for improvement in security practices.
Leadership and Management : Proven ability to lead, mentor, and develop audit teams, ensuring effective collaboration and the successful completion of audit projects. Strong project management skills with a history of managing multiple audits and initiatives simultaneously.
Communication and Reporting : Excellent communication skills, with the ability to clearly articulate complex technical concepts to non-technical stakeholders and senior management. Experience preparing and presenting detailed audit reports and recommendations to senior leadership.
Problem-Solving and Critical Thinking : Strong analytical and critical thinking skills with the ability to approach problems from a risk-based perspective and drive solutions in a fast-paced environment.
Continuous Learning : Demonstrated commitment to continuous professional development, staying up-to-date with emerging cybersecurity threats, infrastructure trends, and audit practices.
Job Offer Base Salary : Competitive, based on experience. Bonus : Performance-based annual bonus. Benefits : Comprehensive healthcare, retirement plans with matching contributions, generous PTO, and parental leave. Professional Development : Budget for certifications, education, and conferences. Work-Life Balance : Flexible work options, wellness programs, and employee perks. Additional Perks : Commuter benefits, and career growth opportunities. MPI does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, marital status, or based on an individual's status in any group or class protected by applicable federal, state or local law. MPI encourages applications from minorities, women, the disabled, protected veterans and all other qualified applicants.
Risk Assessment : Assess the cybersecurity risk landscape, infrastructure vulnerabilities, and the effectiveness of existing controls to identify areas requiring attention, and prioritize audit activities based on risk.
Cybersecurity Controls Evaluation : Lead the evaluation of cybersecurity frameworks, policies, and procedures to ensure they meet regulatory requirements, industry best practices, and internal standards.
Infrastructure Assessment : Conduct audits of IT infrastructure, including networks, servers, cloud environments, and data centers, to evaluate the robustness of security measures, scalability, and operational efficiency.
Incident and Remediation Oversight : Monitor and evaluate the remediation of identified cybersecurity issues and infrastructure vulnerabilities, ensuring that corrective actions are implemented in a timely and effective manner.
Regulatory Compliance : Ensure audit activities are in line with relevant cybersecurity regulations and internal compliance standards, providing recommendations for compliance improvements where needed.
Collaboration with IT & Security Teams : Work closely with IT, security, and infrastructure teams to understand emerging risks, assess control effectiveness, and advise on improvements to security and operational practices.
Audit Reporting : Prepare detailed audit reports on cybersecurity and infrastructure findings, providing clear insights and recommendations to senior leadership and relevant stakeholders.
Continuous Improvement : Stay current on evolving cybersecurity threats, infrastructure trends, and regulatory changes, and incorporate these into audit strategies to ensure the organization is prepared for future risks.
Team Leadership and Development : Lead, mentor, and develop a team of IT audit professionals specializing in cybersecurity and infrastructure, fostering a culture of continuous learning and growth within the audit department.
Executive Liaison : Provide strategic input and expert advice to senior management on cybersecurity and infrastructure-related risks, assisting in the development of risk mitigation strategies and long-term infrastructure planning.
Profile Educational Background : Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (Master's preferred).
Professional Certifications : Certified Information Systems Auditor (CISA). Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP). Certified in Risk and Information Systems Control (CRISC) or other relevant certifications.
Experience : 7+ years of experience in IT audit, with a focus on cybersecurity and infrastructure. Proven experience in managing and executing audits related to cybersecurity frameworks, IT governance, risk management, and regulatory compliance. Experience working in financial services, banking, or a highly regulated industry is preferred.
Technical Knowledge : Strong understanding of IT infrastructure, including networks, servers, cloud environments, databases, and data centers. Expertise in cybersecurity frameworks (e.g., NIST, ISO 27001, CIS), risk management, and incident response. In-depth knowledge of key cybersecurity technologies (e.g., firewalls, encryption, intrusion detection systems, vulnerability management).
Audit and Risk Management : Extensive experience in planning and executing IT audits with a focus on identifying risks related to cybersecurity and infrastructure. Strong understanding of regulatory and compliance requirements (e.g., GDPR, SOX, HIPAA, PCI DSS). Ability to assess and evaluate the effectiveness of controls and identify areas for improvement in security practices.
Leadership and Management : Proven ability to lead, mentor, and develop audit teams, ensuring effective collaboration and the successful completion of audit projects. Strong project management skills with a history of managing multiple audits and initiatives simultaneously.
Communication and Reporting : Excellent communication skills, with the ability to clearly articulate complex technical concepts to non-technical stakeholders and senior management. Experience preparing and presenting detailed audit reports and recommendations to senior leadership.
Problem-Solving and Critical Thinking : Strong analytical and critical thinking skills with the ability to approach problems from a risk-based perspective and drive solutions in a fast-paced environment.
Continuous Learning : Demonstrated commitment to continuous professional development, staying up-to-date with emerging cybersecurity threats, infrastructure trends, and audit practices.
Job Offer Base Salary : Competitive, based on experience. Bonus : Performance-based annual bonus. Benefits : Comprehensive healthcare, retirement plans with matching contributions, generous PTO, and parental leave. Professional Development : Budget for certifications, education, and conferences. Work-Life Balance : Flexible work options, wellness programs, and employee perks. Additional Perks : Commuter benefits, and career growth opportunities. MPI does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, marital status, or based on an individual's status in any group or class protected by applicable federal, state or local law. MPI encourages applications from minorities, women, the disabled, protected veterans and all other qualified applicants.