Our client in the financial services sector is looking for an IT Audit Manager for an 18-month contract. The role will require working in office, in the downtown Toronto core, 4 days a week. Job#: 439769

Responsibilities:

Technology, Data Risk & Audit Execution

- Lead and participate in technology audits, evaluating the design and effectiveness of controls related to:

- Technology infrastructure (networks, servers, databases).

- Enterprise applications and systems.

- Cybersecurity frameworks and controls.

- Cloud services (Azure).

- Identity Access Management (IAM) and data security.

- ITGCs, Interface and application controls.

- Develop and implement audit approaches and coverage strategies to ensure comprehensive risk assessment.

- Provide assurance over key risk management strategies, ensuring alignment with industry best practices.

- Provide coaching and guidance to junior auditors ensuring timeliness and quality of deliverables.

- Perform continual assessment of emerging risks, suggesting adjustments to audit plans accordingly.

- Ensure audit work is conducted in accordance with industry standards (e.g., ISACA, IIA, NIST, ISO 27001, COBIT).

- Document audit findings and recommendations in a clear, concise, and actionable manner for senior leadership.

Strategic Advisory & Stakeholder Collaboration

- Work closely with Technology & Data leadership, Enterprise Risk, and Compliance teams to align audit activities with business objectives.

- Act as a trusted advisor to business units, offering insights on best practices for IT governance, risk, and compliance.

- Influence strategic decisions by providing data-driven insights on IT risk management.

- Foster strong relationships with business partners and other stakeholders to enhance risk awareness and control effectiveness.

Innovation & Continuous Improvement

- Leverage data analytics and automation to enhance audit efficiency and effectiveness.

- Stay updated on emerging technologies, cybersecurity threats, and regulatory changes to ensure audit methodologies remain relevant.

- Analyze complex IT systems to identify areas for improvement and recommend effective solutions.

- Communicate complex technical risks in a business-friendly manner to senior leadership.

Requirements

- Bachelor's degree in Computer Science, Information Systems, Business, Accounting, or a related field.

- Professional certifications (at least one required): CISA, CISSP, CRISC, CISM, CGEIT, CIA

- Knowledge of IT governance frameworks (COBIT, NIST, ISO 27001) is essential.

- 7+ years of experience in IT auditing, internal audit, technology risk management, or cybersecurity assessments.

- Strong understanding of IT general controls (ITGCs), application controls, cloud security, and data governance.

- Experience with audit methodologies, risk management practices, and regulatory compliance in financial services or investment management.

- Proven ability to write succinct audit findings/reports that provide meaningful insights to senior leadership.

- Strong organizational/project management skills, the ability to manage end to end audits and achieve multiple deadlines, both internal and external.