IT Audit Specialist

About Northern Trust

As a global leader in innovative wealth management, asset servicing, asset management and banking services, Northern Trust (Nasdaq: NTRS) is proud to guide the world’s most successful individuals, families, corporations and institutions.

Since 1889, we have aligned our efforts with our three guiding Principles That Endure: Service, Expertise, and Integrity. Together, they reflect the three cornerstones of business conduct which we strive to instill in our employees, whom we call partners, and to provide to our clients and the communities we serve worldwide.

With more than 135 years of financial experience and over 24,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

• Role

  The IT Audit Specialist is responsible for the execution of information technology and cybersecurity audit engagements, which includes planning, developing the audit scope, maintaining the budget and timeframes of the project to meet audit requirements, and ensuring department Standards are properly met.  The role is a direct report to an IT Associate Director/IT Director and is responsible for their assigned staff's performance management process and recruiting and retention of staff for the audit team.  The IT Audit Specialist provides input to improve operational efficiency and/or to enhance the design or operating effectiveness of the internal control environment.  The role provides professional expertise and performs supervisor related work including training new employees or those with lesser experience, reviewing work of others, and providing regular feedback and coaching to employees.

  Functions in various roles on audit engagements including leading audits, performing audits and providing consulting and oversight functions based on the needs of the team
• Review audit work including workpaper documentation, findings and recommendations, and final audit reports to ensure adherence to the Corporation’s/Department’s Policies and Standards and ensuring work is performed appropriately within established timeframes
• Lead a team of information technology and information security professionals by overseeing and supporting the team through guidance, coaching and mentoring on projects
• Develops staffing strategy for the audit engagement, evaluate and identify necessary skillsets of the audit team to determine if they are aligned to complete the deliverables; escalate any gaps as required
• Provides technical expertise to the IT Audit Team on the use of sound IT audit practices
• Maintains familiarization and technical expertise with the assigned business unit(s) including organizational structures, key personnel, ongoing activities and products, new product development, financial performance and risk and problem areas
• Responsible for staying current on regulatory rules and changes within the industry
  Interacts and partners with Senior and Executive Management to understand risks within the business and the impact of operational changes or other significant events that could affect the business and/or the audit plan
• Manages and performs special projects as assigned
• Engage with business units to discuss audit results and monitor issue remediation progress
• Communicates with partners at all levels, developing and presenting recommendations on operations and controls for the business unit
• During audit engagements, assigns work to auditors, sets priorities and monitors activity
• Utilizes understanding of various Corporate units to ensure operations, services, and systems have proper controls in place (i.e., design of the control environment)
• Reviews audit work including work paper documentation, findings and recommendations and the final report to ensure appropriate adherence to the Corporation’s/Department’s Policies and Standards and ensuring work is performed within established timeframes
• Evaluates corporate management, business processes, business controls and operating practices during audits and consulting/monitoring engagements
• Applies analytical skills to review information and determine potential control weaknesses
• Participates in the planning, budgeting, and implementing of strategic IT Audit Team objectives and initiatives
• Nurture the overall team spirit of the technology audit function as we continue to grow and develop

Skills / Knowledge

• Knowledge and experience performing risk-based information technology and/or information security audits; experience auditing within the financial services industry is a plus
• Comprehensive understanding of ITGC and related processes (e.g., Configuration Management, Vendor Management, Access and Identity Management)
• Understanding of Information Technology Service Management (ITSM) controls (e.g., Change Management, Incident Management, Problem Management)
• Skills as needed to perform testing of application controls (e.g., BC/DR, Application Security Testing, Interface Controls)
• Skills as needed to perform testing of information security and cybersecurity controls (e.g., Identity and Access Management, Incident Response, Penetration Testing, Security Information and Event Monitoring, Data Security)
• Knowledge of risks related to newer technologies (e.g., Infrastructure as Code, Cloud Access Management, Kubernetes, Containers, CI/CD)
• Knowledge of financial industry standards and frameworks (e.g., NIST CSF, FFIEC, GDPR)
• Knowledge of cloud environments and related technologies (e.g., AWS, Azure, Google Cloud)
• Experienced in the documentation, reporting, and presentation to senior management and operating committees
• Professional certifications (e.g., CISA, CISSP, CCSP) preferred
• Strong analytical, leadership, and organizational skills are needed
• Strong report writing and work paper documentation skills

Required Experience

• College or University degree is preferred
• Minimum 15-20 years’ in related experience in Information technology or cybersecurity auditing (or equivalent experience) preferably in a financial institution, public accounting company or other large, complex or global organization

Working with Us

As a Northern Trust partner, you will be part of a flexible and collaborative work culture, which has a strong history of financial strength and stability. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to an inclusive workplace and assisting the communities we serve.

Philanthropy is deeply rooted in Northern Trust’s history and is an essential element of our culture. Employees around the world give their time and talent to work for the greater good of their communities.

Reasonable Accommodation

Northern Trust is committed to working with and providing adjustments to individuals with health conditions and disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com, or alternatively you can discuss your individual requirements with the recruiter you are working with.

About Our Bangalore Office

The Northern Trust Bangalore office, established in 2005, is home to over 5,600 employees.  In this stunning office space, we offer fantastic amenities which include our Arrival Hub - Jungle, the GameZone, and the Employee Experience Zone that appeal to both clients and employees. Learn more.