IT Audit Manager

Purpose of Job
The IT Audit Manager is responsible for providing a substantive contribution to the ongoing risk assessment of their assigned portfolio and timely execution of audit engagements in line with IAD’s periodic risk-based audit plan. This position focuses on audits relating to the EBRD’s Chief Transformation Office, including IT applications, platforms and processes, and project and programme assurance, though not exclusively. The role also assists the IAD team in ad hoc responsibilities and tasks, including supervising other team members (including guest auditors and external consultants), advisory work, and departmental improvements, as assigned by the IAD leadership team.

Background
The Board of Directors established the Internal Audit Department as part of its oversight role. IAD, as a trusted independent third line of defence, and in accordance with the Institute of Internal Auditors’ International Professional Practices Framework and Code of Ethics, provides timely risk-based and objective assurance and advice to Executive Management and the Board of Directors on the adequacy and effectiveness of the EBRD's risk and control framework. IAD aspires to be a function of excellence, valued by stakeholders for insights and foresight, objective assurance and advice.

Facts / Scale

• Responsible for planning, leading and executing audit engagements, other audit activities and ad hoc assignments. This will involve working on multiple engagements and activities at the same time.

Accountabilities & Responsibilities
Audit risk assessment and delivery

• Continuously monitors and assesses organisational, risk and control developments in their assigned portfolio of coverage (“business monitoring”).
• Independently plans and executes audit engagements and business monitoring work with minimal supervision to the quality standards expected by the IIA.
• Effectively supervises multi-disciplinary teams, guest auditors and external consultants, and provides timely, open and constructive performance feedback. Takes accountability for all aspects of the end product, ensuring that work adheres to schedules and is completed to the required standard.
• Ensures timely and adequate monitoring and validation of open audit issues as assigned.

Other responsibilities

• Develops and manages open and constructive working relationships with stakeholders.
• Delivers engagements and activities in line with the Institute of Internal Auditors’ Global Internal Audit Standards, Code of Ethics, and guidance (including such Topical Requirements as may be relevant).
• Proactively supports other departmental initiatives and deliverables as assigned, including developing annual work plans, regular reporting to the Board of Directors, ad hoc advisory engagements, and departmental improvements.
• Keeps abreast of relevant industry, professional and organisational developments to update risk assessments, inform audit coverage, and drive innovation and improvement in IAD practices.

Knowledge, Skills, Experience & Qualifications
Academic/professional qualifications

• University degree or equivalent, preferably a technology, data, maths, finance or business focus.
• Relevant professional qualification(s) relating to IT auditing, IT security, and/or IT risk management, such as CISA/CCSK/CISSP/CISM/ISO27001LA. Project and programme assurance and data analytics certifications are desirable additions.

Experience

• Significant relevant post-qualification experience in IT auditing and/or IT risk management and preferably significant experience in providing project and programme assurance.
• Strong domain expertise of IT risk and IT security practices and developments. Familiarity with relevant frameworks such as the NIST CSF and Swift CSCF are desirable.
• Relevant knowledge or experience of managing or participating in transformation programmes and change projects, and associated risks and good practices, are also desirable.

Technical and personal skills

• Strong oral and written communication skills, able to adapt messages to the audience, translate and communicate technical issues and concepts, and negotiate with senior stakeholders.
• Proven ability to engage with and influence senior stakeholders, using sound professional judgement to broker co-operation, facilitate timely delivery of audits, and drive positive change.
• Able to gather, analyse and synthesise data and information from business monitoring activities and recommend changes in risk profile and audit coverage for their assigned portfolio of coverage.
• Team player, able to work effectively with others in a matrix environment.
• Efficient, persistent, self-managing and resilient in the delivery of objectives under pressure.
• Demonstrable analytical and critical thinking skills.

What is it like to work at the EBRD?

Our agile and innovative approach is what makes life at the EBRD a unique experience! You will be part of a pioneering and diverse international organisation, and use your talents to make a real difference to people's lives and help shape the future of the regions we invest in. 

The EBRD environment provides you with:

• Varied, stimulating and engaging work that gives you an opportunity to interact with a wide range of experts in the financial, political, public and private sectors across the regions we invest in;
• A working culture that embraces inclusion and celebrates diversity;
• An environment that places sustainability, equality and digital  transformation at the heart of what we do.

Diversity is one of the Bank’s core values which are at the heart of everything it does.  A diverse workforce with the right knowledge and skills enables connection with our clients, brings pioneering ideas, energy and innovation. The EBRD staff is characterised by its rich diversity of nationalities, cultures and opinions and we aim to sustain and build on this strength. As such, the EBRD seeks to ensure that everyone is treated with respect and given equal opportunities and works in an inclusive environment. The EBRD encourages all qualified candidates who are nationals of the EBRD member countries to apply regardless of their racial, ethnic, religious and cultural background, gender, sexual orientation or disabilities.  As an inclusive employer, we promote flexible working and expecting our employee to attend the office 50% of their working time.

Please note, that due to the high volume of applications received, we regret to inform you that we are unable to provide detailed feedback to candidates who have not been shortlisted (for further consideration).