Experienced Technology Auditor
About CNA
At CNA, we focus on what we do best - providing insurance solutions that allow our customers to better manage their risks and grow profitably. We use our expertise to continually evolve our products and services to anticipate and address our customers' needs. Our broad portfolio enables us to respond to a wide range of business risks while focusing on the specialized needs of our insureds in construction, manufacturing, technology, healthcare, professional services, financial institutions and small business.
About Internal Audit
The Global Internal Audit Division supports CNA's corporate strategy of becoming a top quartile underwriting company by enhancing and protecting organizational value through risk-based and objective assurance, advisory and investigation engagements. We are analysts, problem-solvers, reporters, explorers and trusted advisors and catalysts. We strive to maintain an agile and responsive audit program that focuses on our company's highest risks and builds trust with all of our stakeholders. We invest in our people, are strengthened by diversity and are committed to inclusion. As the third line of defense for CNA, the scope of our work spans across all types of risk: financial, compliance, reputational and operational.
Position Description
We are searching for a Senior Technology Auditor to join our team who thrives in a collaborative environment and shares our commitment to providing valuable risk management, governance and control insights to our business partners. The role will interact with both technology and business partners throughout the Company as we conduct integrated assurance and advisory engagements. Responsibilities include performing audit procedures and preparing communications reflecting the results of the work performed for review by management.
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:
1. Actively engaged in audit projects involving functions, product areas, or locations, which may encompass complex financial, compliance and operational processes.
2. Monitors business unit efforts to resolve identified control issues and assesses the effectiveness of remediation efforts through follow-up reviews. Candidly discusses open control issues with audit team.
3. Participates in the effective execution of all phases of audits. Contributes to the creation of audit scope through an assessment of risks, evaluating the design of existing controls, developing and executing test programs to assess adherence with established controls and documenting test results.
4. Reviews the thoroughness of work product and updates team leaders on progress.
5. Assists in the drafting of audit reports and other outputs intended for customers. Participates in discussions and presents audit results withand to audit team.
6. Primarily responsible for being aware and proactive regarding developments, trends and challenges within assigned business units / functions and within the insurance industry.
7. Models the appropriate use of 'partner/challenger' relationship with audited entities – know when to pivot and when to persist.
8. Perform control testing in conjunction with our external auditors in support of the annual financial statement audit and other assurance engagements
May perform additional duties as assigned.
Reporting Relationship
Typically Director or above
Skills, Knowledge & Abilities
1. Knowledge of internal audit principles, practices and procedures and technology risk and governance frameworks (e.g., CoBIT, COSO, NIST).
2. Strong knowledge of software and hardware systems and the ability to learn new applications and tools quickly.
3. Excellent project management, organizing and planning skills.
4. Ability to achieve results by taking a proactive view of business goals and objectives.
5. Excellent analytical and problem solving skills, with the ability to effectively plan and direct multiple projects and project work teams.
6. Effective interpersonal, presentation, verbal and written communication skills, with the ability to effectively interact with internal and external business partners.
7. Ability to exercise professional judgment and assume responsibility for decisions which have an impact on people and quality of service.
8. Demonstrated experience and knowledge with the International Standards for the Professional Practice of Internal Auditing and integrated risk based auditing preferred.
9. Knowledge of insurance industry, accounting principles (GAAP and STAT), regulatory compliance and related financial services fields highly desirable.
Education & Experience
1. Bachelor's Degree, preferably in computer science, management information systems, technology, finance or equivalent. Advanced degree or professional designations (CIA, CISA) preferred.
2. Typically three to five years of relevant work experience (e.g., risk-based integrated internal auditing, external auditing, technology, business operations, finance or other related area).
*LI-MR1