Dime seeks an Information Technology Auditor who is self-motivated with knowledge of business process automation, assessing IT risk within businesses, information technology controls, Governance, Risk and Compliance and has hands on experience evaluating automated functions, business rules and logic. The candidate must also have knowledge of management information systems and databases. We are looking to add an innovative, strategic-thinker, self-starter and team player who is highly organized with excellent attention to detail. As an Information Technology Auditor, you’ll report to and assist the IT Audit Manager in the performance of audits relating primarily to Dime's information technology environment including business process automation, cybersecurity, third-party governance, SOX ITGC etc. As a member of the Internal Audit team, you’ll be a critical part of an expert group that aligns internal audit practices with the key risks and strategies of the bank.
Assist in the execution of audit procedures in accordance with IIA’s International Standards for the Professional Practice of Internal Auditing (Standards).
Develop audit requirements related to testing key controls related to custom technology solutions that leverage automation, cognitive and science-based techniques.
Facilitate process walkthrough discussions to document end-to-end business processes, identify risk and functional requirements.
Apply current knowledge of technology and cybersecurity trends and systems processes to identify security and risk management opportunities for improvement.
Identify risks, determine control objectives, identify control procedures that address those objectives, and assess the adequacy of those procedures.
Interpret audit results and develop recommendations for management.
Assist the manager by drafting the audit reports following completion of the fieldwork portion of the reviews to concisely and accurately reflect the facts, observations, risks, and recommendations.
Maintain a good working rapport with management to foster the collaborative relationship between Internal Audit department and management.
Proactively interact with external auditors to gather requirements, obtain corroborative information, and make recommendations as needed.
Think strategically about IT audit program enhancements and be able to embrace change.
Other duties as assigned.
Bachelor’s degree required, in information technology, management information systems, internal controls, business or any degree which promotes analytical thinking or specific knowledge will be considered.
Minimum three years' related work experience in the banking industry or professional services firm where clients included organizations in Financial Services industry.
CISA, CISM, CISSP, CIA (or similar certification, depending on the educational and prior work history background) preferred. Ability to obtain certification required.
Ability to think critically, objectively, and analytically with an appropriate level of skepticism.
Experience auditing any of the following is a plus “DMZ, Network’s, IDS/IPS, DLP, TVM, PAM, PKI, VM’s, AD, SQL, Linux, Windows, Internet banking and core financial systems”.
Experience with data mining/analytics tools and proven ability to perform meaningful data analytics across a wide variety of business operations and processes a plus.
Working knowledge of Sarbanes-Oxley Section 404, FFIEC IT Handbook and Cybersecurity Assessment Tool, NIST Cybersecurity Framework and NY DFS 23 NYCRR 500 (Cybersecurity Requirements for Financial Services Companies) preferred.
Advanced Microsoft Office and SQL skills required