Financial Services Cybersecurity Internal Audit Manager

Overview

Responsibilities

• Plan and execute internal audits across cybersecurity and IT infrastructure domains
• Evaluate Security Operations Centers (SOC) and Data Services/Data Governance
• Assess Third Party Risk Management (TPRM) programs
• Review cyber resilience and incident response capabilities
• Conduct infrastructure risk control assessments, including second line of defense (2LOD) reviews
• Audit infrastructure-level incident and problem management processes
• Perform integrated cyber auditing alongside business and operational auditors
• Assess the design and operating effectiveness of technical cybersecurity controls against regulatory expectations and frameworks (NIST CSF, COBIT, ISO 27001)
• Prepare thorough audit documentation, reports, and deliverables independently and on schedule
• Communicate audit procedures, findings, and recommendations directly to client stakeholders, including technical and non-technical audiences
• Maintain audit quality and responsiveness throughout the engagement lifecycle to ensure client satisfaction and confidence

Requirements

• Minimum of five years of total professional experience, including at least three years performing internal audits in cybersecurity, IT general controls, or infrastructure risk within financial services or consulting
• Strong working knowledge of cybersecurity operations, controls, and governance practices
• Proven ability to independently complete audits from planning through reporting with minimal oversight
• Excellent written and verbal communication skills, particularly for documenting observations and explaining results to clients
• Bachelor's degree required
• One or more relevant professional certifications: CISSP, CISA, or equivalent

Technologies and Frameworks

• NIST CSF
• COBIT
• ISO 27001

Benefits

Career Growth

About Crowe