IT Infrastructure Auditor # 102056
Internal Audit at Credit Suisse is a department with about 350 staff based in various locations throughout the world, with primary hubs in Zurich, London, New York, and Singapore. Internal Audit supports management with financial, operational and information-technology audits covering all business. Internal Audit plays a vital role in evaluating the effectiveness of internal controls related to all Credit Suisse Group activities. Control assessments performed are risk-based and process-oriented, generally covering front-to-back business flows with consideration of all relevant risks.
Senior IT Auditors are responsible for planning, executing and reporting the results of audits and risk assessments of the Bank's IT environment, including both infrastructure applications, and can include individual or multiple audit assignments. This role will have a predominant focus on technology architecture and infrastructure, but will also cover audit work on business applications as needed.
Audit Execution. Conduct planning and audit fieldwork testing, demonstrating an ability to effectively understand technology risks and auditing techniques Identify key issues impacting businesses and IT areas under review, presenting and agreeing with management practical, commercial actions for the mitigation of associated risks. Monitor the progress and resolution of impactful audit recommendations. Demonstrate the ability to establish relationships with key IT partners. Coordinate coverage with the external auditors. On selected audits, the role may also entail a requirement to supervise and motivate audit teams, providing necessary oversight and mentorship to ensure the audit is completed against relevant targets (e.g. budget, fieldwork timing, report clearance etc.).
Technical Leadership. Develop expertise, including knowledge of IT control frameworks, key IT processes, relevant technologies, and design of IT audit control assurance tests; use this knowledge to ensure appropriate focus on the highest risks. Develop knowledge and understanding of the department's plans and related IT strategy, including the scope and progress of system-related change programs. Maintain an awareness of key regulatory initiatives and industry standard methodologies impacting the Bank's IT environment, and ensure that these are considered in the planning of upcoming audits. Promote the development of technical subject matter expertise among others in the department.
Department Contribution. Commit at a wider department level outside of core audit responsibilities; Promote knowledge sharing and communication within the department; and Develop and maintain relationships with auditors/audit managers in other regions, for effective global collaboration.
People Leadership. Inspire trust in our partners by demonstrating we are a high quality team of people. Coach others to develop technical and leadership skills, and provide constructive and timely feedback. Inspire others to learn and develop independently. Encourage and accept diversity within the group. Set the right "tone ", demonstrating a principled approach and setting the right example for junior staff.
Credit Suisse maintains a Working Flexibility Policy, subject to the terms as set forth in the Credit Suisse United States Employment Handbook.
Experience and Skills Required/Desired:
- You will have an undergraduate degree in Information Technology, Engineering, Business, or related discipline. A Master's degree a plus.
- You have 5 + years of work experience in IT risk management, auditing or consulting in a diverse, multi-platform environment.
- You should have familiarity with operational processes, tools and controls required in running a complex IT infrastructure environment, including at least five of the following: networks, operating systems, databases, cybersecurity controls, web platforms, mobile technologies, systems resiliency, access controls, configuration/inventory management, change management, systems development practices, etc.
- Financial services experience preferred, but not required.
- CISA, CISSP, CISM, or equivalent certifications a plus.
- Strong oral and written communications skills in order to integrate with global audit teams and gain an understanding of IT Risks/controls of the process under review and articulate assessment to business auditors and Bank management.
- You are a highly motivated, results oriented professional and an effective teammate who will establish effective links with peers and auditees to promote a favorable profile.
- You should demonstrate a dedication to self-development, actively seek feedback to develop/update own skills and knowledge, accept and be responsive to constructive feedback.
- Willingness to travel (10%).