Reach Your Peak with ICMA-RC, a FINANCIAL SERVICES LEADER in public sector employee retirement products and services. Headquartered in Washington, DC, our Financial Services corporation administers over $50 billion in retirement plan assets for more than one million participant accounts. We are constantly looking for ways to create new opportunities to serve our participants. We have an extraordinary talent base and invite you to consider joining ICMA-RC's Internal Audit Team.
This individual assists with the development and implementation of a risk-based IT audit plan, to provide Management and the Board of Directors with an independent, objective assessment of the design and operating effectiveness of the system of internal controls designed to mitigate risks relating primarily to Information Technology. In addition, this individual designs audit programs, manages and performs audit procedures to assess risks relating to network infrastructure, information security, systems development, application security, physical security, data management, disaster recovery/business continuity, telecommunications, general computer controls and risk management activities, and other areas as assigned. Assists with the development of highly professional, integrated audit staff, and manages staff as assigned.
Essential functions for this role include:
Prepare walkthrough narratives, flowcharts, risk assessments and research necessary to gain an understanding of the underlying of the business processes, information technology, information security, pertinent legal and regulatory requirements, risks and key control activities to be evaluated.
Design, manage, and perform audit procedures to assess the Information Technology (IT) and Information Security (IS) control environment relating primarily, but not exclusively, to network infrastructure, information security, cloud based systems and vendors (e.g. SaaS, IaaS, PaaS), systems development and implementation, application security, database management, disaster recovery/business continuity, telecommunications, and risk management.
Assess and identify security threats and vulnerabilities within the network environments.
Work independently, under the general direction of Internal Audit management, to create risk matrices, audit programs, plan, execute, and document audit projects in a timely and complete manner.
Communicate and validate audit results with clients and prepare thorough written reports and/or oral presentations for Management and the Board of Directors.
Support and enhance the use of automated work paper and data analysis tools (e.g. TeamMate, ACL) to expand audit coverage and support findings/observations.
Perform other duties as assigned (management requests, special projects, integrated audits, data analysis).
For your well-being, we offer a solid compensation and benefits package that features a competitive salary, a straight-forward incentive plan that rewards results, and a 401(k) Plan. For your career, we offer tuition reimbursement, professional development courses, seminars, career enrichment assignments, mentoring programs and a record of enterprise growth that creates continuing opportunities for career advancement. Consider ICMA-RC, and respond in strictest confidence. ICMA-RC is an Equal Opportunity Employer that values diversity in the workplace. Minorities and women are encouraged to apply. We look forward to hearing from you.
If you have the following credentials, we encourage you to apply:
BA/BS or equivalent experience
5-7 years of auditing experience in financial services or similar environment. 3-5 years IT and IS auditing experience. Experience auditing network infrastructure, operating systems (e.g. UNIX, Windows, Mainframe), web based applications, database management systems (e.g. Oracle), and IT control frameworks. Cloud security audit experience and technical expertise performing data analysis (e.g. ACL) preferred.
CISA (Certified Information Systems Auditor) and/or CISSP (Certified Information Systems Security Professional) Certification preferred
Experience performing and managing Information Technology and Information Security Audits
Knowledge of Information Technology and Information Security industry standards and best practices
Proficient oral and written communication skills
Financial services, defined contribution securities industry background preferred.
Knowledge of FINRA and SEC compliance preferred
Strong knowledge of general computer controls and Sarbanes-Oxley related requirements
Relocation expenses are negotiable.
Internal Number: MGRIN01069
Founded in 1972, ICMA-RC is a non-profit independent financial services corporation focused on providing retirement plans and related services for more than one million public sector participant accounts and approximately 9,000 retirement plans.
Our mission is to help build retirement security for public employees. We deliver on our mission by focusing on service, quality and value. All of our retirement programs, administrative services and educational tools have been developed specifically for public sector retirement plan administrators and participants.