Job Title

IT Internal Audit Senior Auditor:

Job Description Summary

This is a Senior role within the Internal Audit Department, reporting to the Director of Internal Audit. This role is responsible for providing risk and control leadership, guiding audit teams and strategic initiatives. This includes preparing and executing a risk-based audit plan to assess, report on, and recommend value-added and practical improvements to address Cushman & Wakefield’s financial, operational, and compliance objectives. The Senior will provide senior management with assurance as to the adequacy and effectiveness of the system of internal IT, cybersecurity and operational controls within the company. Essentially, the Senior will serve as Internal Audit’s in-house IT audit and advisory expert related to IT governance, risks and internal controls.

A successful candidate will develop relationships with business leadership across functions, service lines, and regions to provide a solutions-driven audit program and serve as a catalyst for change and serve as an audit consultant to all levels of management. The ability to lead with confidence and maintain independence and objectivity will be critical. Strong understanding of professional audit standards, COSO, and risk assessment practices is a must. A control and process-oriented mindset, strong analytical and problem-solving skills, and desire and ability to identify, recommend and lead improvements is also important. A demonstrated track record of partnership, collaboration, colleague development, and building and maintaining a strong team culture is required.

Job Description Responsibilities:

• Develop the annual IT audit plan, including the annual risk assessment, in collaboration with Internal Audit leadership
• Assess, manage and optimize information technology risk across a wide range of areas, including cybersecurity, IT strategy and governance, IT regulatory and compliance requirements, and business continuity
• Manage a portfolio of assigned audits and related activities, including staffing, scheduling, and coordination with the client to ensure the timely completion of the plan.
• Oversee IT audits, including cybersecurity, cloud, system access controls, system implementation life cycle, and data governance
• Develop audit programs and testing procedures in accordance with widely accepted IT auditing and cybersecurity standards (e.g., COBIT, NIST, CIS, CSA)
• Manage and monitor the progress of the audit engagement, prioritize the workload of the audit team, and identify and escalate to the Director of Internal Audit any necessary changes to the audit as the engagement progresses
• Draft complete audit reports with minimal oversight that clearly and concisely describe issues identified during the audit engagement
• Ensure audit engagement quality, including adherence to Global IIA Standards and Internal Audit Department policies and standards
• Deliver reviews and projects on time, within agreed budget, and in accordance with IIA Standards
• Drive cross-functional assurance and compliance initiatives (such as risk assessments, monitoring approach, etc.) with other functions
• Assist the Director of Internal Audit in developing Cushman and Wakefield’s long range IT audit plan and IT risk assessment approach
• Manage audits with a collaborative tone ensuring a constructive environment is maintained between the audit team and the audit client
• Establish and communicate recommendations to mitigate current and emerging internal and external risks, ensuring appropriate escalation and reporting of issues impacting operations to address strategic, business and compliance objectives
• Build successful relationships with client management to provide value-added consultation to influence and strengthen operational efficiencies and effectiveness, promote appropriate risk management awareness and mitigation, and provide opportunities for cost savings, and standardization and globalization of processes
• Coach and manage junior staff effectively on assigned audits and projects
• Contribute to the positive and team-oriented culture by maintaining cooperative relationships (assisting other project teams when necessary), facilitating the resolution of conflicts, sharing information, and accepting and providing feedback
• Manage special projects as requested by management
• Leverage data analytics to enhance audit effectiveness and provide insights into operational risks and efficiency opportunities
• Assist the Director of Internal Audit in developing key risk indicators (KRIs) to monitor financial, operational, and IT risks.
• Assist the Director of Internal Audit in preparing periodic reports for management, stakeholders, and Audit Committee on significant issues related to internal control processes and provide information concerning such issues through resolution
• Assist the Director of Internal Audit in managing Audit Committee and Senior Management reporting and metrics
• Assist the Director of Internal Audit in recruiting, coaching and developing internal audit staff
• Provide IT SOX support and consultations on an as needed basis

Requirements:

• Bachelor's Degree, preferably in business related major (accountancy, finance, business administration, management information systems, etc.)
• 2-5+ years of external or internal auditing or equivalent experience with a public accounting firm or publicly-traded company
• Expertise in internal audit, accounting processes, IT General Controls standards, cybersecurity risks, and IT SOX compliance
• Demonstrated history of using data analytics in projects and activities to provide value-added insights
• Experience in data analytics tools (e.g., Alteryx, Power BI, Power Apps, Python, R, SQL) and automated audit techniques
• Excellent project management skills
• CPA, CIA, CISA, CRISC, CISM, CCSP or CISSP preferred
• Knowledge of professional audit standards, COSO framework, US GAAP, and risk assessment practices

Must Have Strengths:

• Strong organizational skills with the ability to prioritize, follow-through, and manage multiple tasks, responsibilities, and deadlines
• Self-starter with flexibility, desire, and eagerness to take ownership of related tasks and responsibilities in order to keep the project on schedule
• Strong interpersonal, oral, and written communication skills

INCO: “Cushman & Wakefield”