BlackRock is looking for an experienced auditor who has is familiar with testing of SAS 70 and Sarbanes-Oxley technology controls.
The position requires 9 years experience with Big 4 firm and professional certifications (e.g. CPA, CISA). The position also requires approximately 20% travel.
Check out the details for this position, based in New York, after the jump.
Title: IT Internal Audit Manager
Location: New York, NY
Experience Required: 9 years
Description: The candidate will supervise one to two staff and will work closely with other internal auditors in executing the global integrated internal audit plan. The candidate will report to the Director of Internal Audit IT, who reports to the Global Head of Internal Audit. BlackRock’s internal audit group is comprised of approximately 40 professionals based principally in New York, San Francisco and London, with additional personnel in Edinburgh, Tokyo and Hong Kong.
Responsibilities: More than 9 years experience in the fields of information technology audit, information security and technology risk management; Strong experience auditing operating systems, databases, networks, and technology operations; Experience working within a risk based internal audit function executing audit planning, fieldwork and report writing; A good understanding of information technology, technology risks and emerging technologies; A good understanding of information technology best practice disciplines and frameworks such as CoBIT, ITIL and COSO; Experience managing small teams of skilled professionals and building strong trusted relationships with senior IT and business management.
Qualifications: Experience of auditing Unix, Linux, Sybase, Oracle, MSSQL and Windows; Experience working in a global financial services firm, and a good understanding of the asset management industry and regulatory environment; A “Big 4” background and experience of SAS70 and SOX technology controls testing; Experience working in a non-audit role such as information security or technology operations; Professional certifications such as: CPA, CISA, CISM, CISSP, GSNA, CGEIT, CRISC; Additional technical knowledge, e.g. attack and penetration techniques, security configuration audit tools and techniques, development tools and languages, data modeling and data management techniques.