Job Requisition ID: 89171
Location Designation: Hybrid
This PF3 application controls position will play a role in all phases of application technology audits including planning, scoping, control assessment, test design and execution, and reporting. The position will be based at the Company’s headquarters in New York City and expected to follow a hybrid schedule of onsite and remote. The position will report directly to a Corporate Vice President on the IT audit team. The role focuses on application controls as part of integrated audits and advisory service within the insurance, agency, investments, and corporate functions universe as well as core technology audits. This position will also be responsible for assisting with ongoing risk assessment and continuous monitoring activities.
Specific responsibilities include:
- Participate in planning, scoping, and executing integrated and technology application and IT General Controls audits in alignment with department methodology and industry standards under the direction of the audit in-charge.
- Work closely with the operations audit teams to understand business processes and associated application controls and assist in scoping the audit. Participate in technology audits including review of information security, operations and privacy controls across multiple tools and platforms.
- Clearly articulate risks and controls relevant to the business process or technology environment. Independently lead walkthroughs with stakeholders, formulate controls and execute testing to address the risks in alignment with the scope including designing test attributes, determining sample sizes and evidence requirements.
- Communicate efficiently with clients during audits and clearly articulate scope, evidence requests, testing rationale, follow-ups and audit findings outlining risk and root cause. Contextualize findings in terms of risk to the business function/strategy and any downstream cross functional effects.
- Provide timely updates on audit status and early indication of findings to the audit in-charge along with suggested next steps. Pro-actively seek tasks and independently manage time to align with available capacity. Independently execute to multiple concurrent priorities alongside audits such as issue validation, stakeholder relationship management, department initiatives etc.
- Coordinate with other control functions in the Company to provide a seamless experience to business and technology stakeholders. Leverage information from first- and second-line assurance functions to reduce repetitive work and touchpoints with stakeholders.
- Participate in ongoing departmental audit planning and risk assessments and complete planning deliverables in accordance with department standards. Assist in risk assessing technology and operations plan areas using gathered inputs and professional judgement.
- Provide oversight and guidance to junior team members by helping them understand risks and controls, audit execution, department methodology and industry standards. Guide them in test execution and review their work to provide timely feedback.
- Stay up to date on relevant industry, technology and regulatory matters through self-education and department supported trainings. Gain an understanding of the Company’s business and priorities.
- Actively provide inputs and adapt to rapid changes in the department and Company. Demonstrate ability to quickly pivot and make level-appropriate decisions independently while keeping their team and manager informed.
- Travel 10% – 15% domestic and international, in addition to occasional travel to offices in the tri-state area.
Qualifications:
- Minimum of three to five years of application controls and IT auditing experience. Experience within either Internal Audit or relevant Big 4 consultancy is a plus.
- Knowledge of and execution of business application related risks, controls and best practices.
- Knowledge of multiple IT environments (e.g., Windows, UNIX/Linux, Mainframe, AWS) and areas (e.g., information security, access management, data protection etc.) is desirable.
- Experience with Data Analytics software such as Tableau is a plus.
- Good understanding of relevant regulations, industry standards and frameworks (e.g., SSAE 18/SOC, SOX, COSO, COBIT, ITIL, ISO27001, NIST) and best practices and methodologies to address these requirements.
- Good understanding of relevant regulations such as NYDFS, HIPAA and GLBA.
- Bachelor’s degree in Information Systems, Accounting, or other quantitative discipline preferred (other Bachelor’s degrees may be considered)
- Currently holds or is committed to pursuing professional audit certification such as Certified Information Systems Auditor (CISA)
- Proven ability to multi-task, complete projects on time and on budget, and adjust to changing priorities. Ability and desire to learn quickly, be flexible and think strategically
- Strong communication (i.e., verbal and written) and interpersonal skills with the ability influence change
- Enthusiastic, self-motivated, effective under pressure and willing to take personal responsibility/accountability
#LI – LS1
#LI – HYBRID
Salary range: $72,500-$107,500
Overtime eligible: Exempt
Discretionary bonus eligible: Yes
Sales bonus eligible: No
Click here to learn more about our benefits. Starting salary is dependent upon several factors including previous work experience, specific industry experience, and/or skills required.
Recognized as one of Fortune’s World’s Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by the Foundation. We’re proud that due to our mutuality, we operate in the best interests of our policy owners. We invite you to bring your talents to New York Life, so we can continue to help families and businesses “Be Good At Life.” To learn more, please visit LinkedIn, our Newsroom and the Careers page of www.NewYorkLife.com.
Job Requisition ID: 89171