Senior IT Internal Auditor

POSITION SUMMARY

Reporting to the VP, Head of IT Internal Audit, the Senior IT Internal Auditor will be responsible for evaluating and analysing internal controls and business risks by performing IT audit work. Thereby helping the Internal Audit team achieve IT aspects related to the annual global internal audit plan, including operations in Bermuda, Switzerland, the U.K., and the U.S. You will support the delivery of the annual global IT Sarbanes-Oxley assurance program and the Company's broader initiatives on special projects. You must demonstrate knowledge of IT operations as it relates to internal and external audits, and experience in data analytics is preferred.

RESPONSIBILITIES INCLUDE:

• Support the testing information technology general computing controls including IT dependencies and coordinate with the broader Internal Audit team to support compliance with Section 404 of Sarbanes-Oxley. This includes providing recommendations to address any IT related control deficiencies identified. If applicable, recommend control rationalisation that increases the efficiency of testing programs while maintaining the integrity and effectiveness of the control environment
• Support the delivery of Development and maintenance of the IT Risk Assessment at the Group Level, including identifying key and latest IT risks requiring internal audit focus.
• Conduct risk-based IT audits and reviews of systems and IT processes in accordance with professional standards for internal auditing to ensure that internal controls are designed and operating.
• Prepare and report results to senior executives around IT-specific internal audits or reviews:

Examples include –

• Perform project assurance and system enhancements reviews.
• IT security audits (e.g., network, operating system, and data center), including evaluating if security vulnerabilities are identified and reduced. Coordinate the scope and performance of these reviews with the IT Security team, business units and external security experts.
• Perform Data governance and privacy audits.
• Monitor and report progress on the implementation of management action plans.
• Assist in the preparation of Audit Committee materials.
• Partner with management to identify opportunities to strengthen internal controls and improve business processes.
• Develop and implement tools to analyze data to improve audit efficiency alongside other Internal Audit team members. Support data analysis initiative in Internal Audit.

QUALIFICATIONS, SKILLS & EXPERIENCE:

• An undergraduate and/or post‑graduate university degree in a relevant quantitative discipline is required; a degree in IT or Finance is an advantage.
• CISA or CIA Credentials with CISA being preferred.
• CISM or other IT designations are advantageous.
• Experience in data analytics is preferred
• Minimum of 3 to 5 years of IT audit-related experience is a must, gained with a property and casualty insurer or reinsurer or financial institution; or equivalent audit experience with a public accounting firm
• Sound knowledge of the (re)insurance or financial industry
• Understanding of multiple technology domains, including software development, Windows, database management, and networking preferred
• Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations
• Experience with internal auditing, internal controls, risk management, and previous Sarbanes-Oxley testing experience, preferably within the (re)insurance industry
• Excellent communication and interpersonal skills
• Experience writing risk-based audit plans and reports
• Strong organizational skills
• Proficient, and has in-depth IT operations knowledge, and works independently on moderate to high complex matters
• Knowledge of cloud architecture (AWS and Azure) operational and security control frameworks would be beneficial

We are an equal opportunity employer. We provide equal opportunity to all applicants and employees regardless of race, color, religion, national origin, age, sex, sexual orientation, gender identity, marital status, pregnancy, disability, military status, or other legally protected categories