Job Description

Position Summary

The IT Audit Analyst, working with the Global Head of IT of Audit, the Head of IT Audit, Europe & Asia, the Head of Data Analytics, and the IT Audit Manager will assist in the annual risk assessment process, perform IT Audits, IT Sarbanes Oxley (SOX) testing, and participate on special project teams, including data analytics projects, on an as needed basis. Use a risk based approach (e.g., COBIT, COSO, Risk IT, NIST, ITIL) combined with on-site audits and continuous monitoring to evaluate and analyze the efficiency and effectiveness of controls. Work with management to write detailed audit programs to test the internal controls, and analyze reasonable threats and the resulting exposure. Document findings and interface with line management to confirm accuracy of observations and agree upon action plans. Write clear, concise and persuasive audit reports and other documents summarizing level of risk, scope, findings, recommendations, and the current status of the issues. Participate in special audits or project reviews.

Major Responsibilities:

To support the IA function in providing management and the board with an independent assessment on the adequacy and effectiveness of the group’s (BGC and Cantor) processes for controlling its activities and managing its risks.

• To support the IA function in providing management, the board and the regulators assurance of compliance with SOX regulations.
• Delivering a portfolio of high quality audits, working collaboratively with Technology and audit colleagues globally.
• Establish and maintain effective relationships with middle level IT Management across the firm to better position the IT Audit function to perform audits and provide value added services to our clients.
• To produce effective reports and opinions which successfully influence executive management to manage risk prudently within the companies risk appetites.
• To promptly respond to and complete ad hoc business requests, including those directed by the Head of Data Analytics, Head of IT Audit Europe and Asia, and the Global Head of Audit
• To positively participate as part of the wider IA team in all situations.
• Ensure outstanding issues are clearly positioned with senior stakeholders to enable management to resolve in a reasonable timeframe.
• Ensure that audits are delivered on time and to a high standard.
• Experience in technical competence areas.
• Responsible for the execution of the company’s SOX compliance program, including:
  • Quarterly control certifications;
  • Maintenance of detailed and accurate SOX documentation including control descriptions, test plans and results;
  • Maintain proficient level knowledge of SOX related technical guidance standards.
• Assist in the expansion of the data analytics program, including:
  • Assist in the implementation and build out of a data analytics tool;
  • Assist in defining various data analytics rules to be implemented for continuous monitoring of controls;
  • Assist in producing data analytics reports on behalf of Internal Audit requests

Key Contacts and Working Relationships

• Establish and maintain relationships with key stakeholders within IT
• Liaise with other control functions (Compliance, Risk and Internal Controls) to ensure clear understanding of risks to the business is understood to ensure a consistent message is conveyed to the business.

Skills:

• Experience of performing SOX audits
• Supervisory experience leading junior auditors
• Experience of performing IT audits with a solid understanding of both infrastructure and applications
• Familiarity with IT Risk Management Methodologies
• Internal Audit and/or consulting experience (preferably Big-4)
• Excellent verbal and written communication skills
• Ability to discuss technical findings with a non-technical audience.
• Project Management Skills

General:

• Keep up to date with IT developments, legislation and regulatory requirements
• Ability to audit complex systems to ensure that the data within the system is correct and sufficiently protected
• Strong analytical and investigation skills
• Self-motivated and able to work independently and as part of a team

Education/ Experience Requirements:

• Undergraduate degree in Information Technology, Computer Science, Management Information Systems or other related discipline
• One or more certifications (CISA, CRISC, CISSP, etc.) or graduate degree preferred
• 3 to 5 years’ IT Audit or IT Risk Management Experience
• Big 4 Accounting experience preferred