Associate - IT Auditor (Technology)

IT Auditor

The IT Auditor assesses the design and operating effectiveness of IT controls during audit engagement planning, fieldwork and reporting. This job evaluates risks and controls as a contributor in risk assessment and risk remediation testing activities. Working under general supervision, this job also coordinates and communicates effectively with audit and client contacts to deliver work in a professional and timely manner.

Key Responsibilities and Duties
- Leverages knowledge of common technology risk and control frameworks, including financial industry regulations and guidance, to assess risks and control design and operating effectiveness.
- Documents work clearly and concisely and in accordance with audit methodology and engagement timelines and budgets.
- Identifies, assesses and effectively describes IT risk and control strengths and concerns to audit and client contacts.
- Delivers clear and timely written and verbal communications to peers, supervisors and clients about assigned topics.
- Works professionally, proactively and collaboratively with audit and client stakeholders to understand and deliver assignments.
- Demonstrate critical thinking by gathering, analyzing, questioning and sharing perspectives on assignments.
- Grows and applies knowledge of the organization and IT people, processes and functions and Internal Audit methodology.
- Identifies and pursues training, knowledge and experience that expands and deepens IT audit skills.
- Builds awareness of technology trends, risks and controls through personal curiosity, training and networking.

Educational Requirements
- University (Degree) Preferred

Work Experience
- 1+ years Required Or
- 3+ years Preferred

Physical Requirements
- Physical Requirements: Sedentary Work

Career Level

6IC

Company Overview:
TIAA GBS India was established in 2016 with a mission to tap into a vast pool of talent, reduce risk by insourcing key platforms and processes, as well as contribute to innovation with a focus on enhancing our technology stack. TIAA GBS India is focused on building a scalable and sustainable organization, with a focus on technology, operations and expanding into the shared services business space. Working closely with our U.S. colleagues and other partners, our goal is to reduce risk, improve the efficiency of our technology and processes and develop innovative ideas to increase throughput and productivity.

Key Duties & Responsibilities:
List up to 5 key duties and responsibilities, management responsibilities and time spent (if applicable)

Position Summary:
This position serves as a team member to validate the remediation of moderately complex Management Action Plans (MAPs) emanating from Global / Enterprise IT audits, executed remotely from TIAA India, working under the direction of audit management and more senior IT auditors. Aids in performing timely review and validation of specific actions taken by management to mitigate the risk(s) identified in the audit issue in order to maintain a healthy control environment. Validation of MAPs encompasses core / integrated IT audits and advisories of the Company in accordance with TIAA’s Internal Audit (IA) Methodology.

Key Responsibilities:

- Handles routine to moderately complex assignments relative to validation of Management Action Plans and control testing of assigned IT Internal Audits.
- Perform testing of remediated IT audit issues to validate the action plan implemented by management mitigates the identified risk.
- Select appropriate sample size per TIAA IA Methodology in support of the testing performed.
- Obtain and evaluate evidence(s) for sufficiency, appropriateness, and adequacy of the remediation efforts.
- Maintain high quality of validation documentation to evidence that the review and validation performed can be understood by an independent third-party reader to enable them to draw a similar conclusion.
- Maintain validation document along with evidences in the audit database for sign-off.
- Assist audit team in tracking and reporting the status of open audit issues and related MAPs.
- Disseminate and share best practices with audit team to add value to the MAP validation process.
- Participate in recommending enhancement(s) to the validation process to gain efficiencies.
- Perform test of controls during IT audit engagement, verify compliances with regulations and sound business practices.
- Analyze audit data/observations and document audit conclusions/findings.

Management/Leadership Responsibility: Is management of people a primary focus of the role? If so, how many direct and indirect employees are managed? Do any of them manage a function or process?
- None.

Business or Industry Expertise: Describe the degree of knowledge and understanding required of TIAA’s business and industry, commercial environment and of competitors products and services.
- Requires knowledge of IT and information security governance, audit data analytics, integrated audit