IT Audit Manager

At BBH we value diverse backgrounds, so if your experience looks a little different from what we've outlined and you think you can bring value to the role, we will still welcome your application!

What You Can Expect At BBH:

If you join BBH you will find a collaborative environment that enables you to step outside your role to add value wherever you can. You will have direct access to clients, information and experts across all business areas around the world. BBH will provide you with opportunities to grow your expertise, take on new challenges, and reinvent yourself—without leaving the firm. We encourage a culture of inclusion that values each employee’s unique perspective. We provide a high-quality benefits program emphasizing good health, financial security, and peace of mind. Ultimately we want you to have rewarding work with the flexibility to enjoy personal and family experiences at every career stage. Our BBH Cares program offers volunteer opportunities to give back to your community and help transform the lives of others.

Join us as an IT Audit Manager (Application Controls, Data Governance and IT Operations).

Internal Audit provides services that assist BBH’s businesses and support areas in improving their control environments, streamlining their businesses, and achieving operational excellence. Working as part of an audit team, the IT Audit Manager leads multiple technology/integrated audits simultaneously and/or large complex audits (e.g., multi-locations, multi-divisions, complex products). Responsibilities include evaluating risks and controls (particularly with respect to systems and applications) in the context of executing audit reviews, supervising, and reviewing the work of other audit personnel, proactively monitoring audit budgets and deadlines, communicating findings/issues to senior audit team members and management, and devising solutions for business improvements. In addition, the IT Audit Manager will review and/or prepare detailed reports of audit findings, recommend control improvements as appropriate, and follow up on management’s corrective actions.

To accomplish these tasks, the IT Audit Manager needs to work effectively in a team setting to perform audit work in accordance with department and professional standards, and complete assignments in an efficient manner, with sufficient attention to detail, to ensure accuracy and thoroughness of audit coverage.

In addition, the IT Audit Manager has other responsibilities that may include assisting in the development of risk assessments and the annual audit plan, maintaining relationships with key contacts in the business, coaching and developing junior members of the audit team, and leading department initiatives.

Responsibilities include:

Management / Staff Leadership

• Direct and review the activities of the audit project team and work collaboratively on audit reports.
• Work with middle to senior management within a business or function to facilitate the identification and resolution of audit and risk issues.
• Oversee the work of project-specific teams and provides supervision and direction. Responsible for providing progress reports to audit and client management.
• Propose and facilitate viable solutions to issues identified and refines and recommends alternatives proposed by the audit team.
• Maintain effective working relationships at all levels of management in client organizations.
• Provide constructive, accurate and timely feedback to audit management for use in audit team staff evaluations.

Analysis and Reporting

• Participate in more complex audits and/or subject matter and deliver industry expertise and perspective to the team and management.
• Evaluate the system of internal controls and prepare risk assessments, audit programs and audit planning memos as appropriate.
• Perform project specific work/tasks.
• Develop, execute, and document control evaluation procedures:
  • Organize and analyze audit data and summarize audit findings for manager review.
  • Draft audit reports that provide a clear, detailed description of issues identified, related implications to the business and recommendations to resolve the issues.

Communication

• Assess and escalate issues identified during audit assignments or special projects in a constructive manner.
• Participate in discussions with senior management related to audit results and recommendations.
• Work with senior management to stay abreast of changes in the business and growth plans and provide strategic advice and counsel on risk-related matters.

Research

• Apply and leverage current and emerging audit tools and techniques in data analysis.
• Participate in audit scope discussions.
• Perform technical research using external and internal source material.

Administrative/Other

• Assist outside regulators and external Auditors in accomplishing their goals.
• Participate in discussions of audit.

Qualifications:

• Bachelor's or Master's degree in information systems or related disciplines.
• 8-10+ years audit or relevant business line experience.
• Project management experience.
• Excellent communication and interpersonal skills required with ability to present complex and sensitive issues to senior management.
• Professional audit certifications preferred (e.g., CISA, CISM, CIA)
• Works well individually and in teams by sharing information and supporting colleagues.
• Serves as mentor and provides supervision and guidance to audit team members.
• Strong analytical skills.

Areas of expertise should include most of the following:

• Areas of expertise should ideally include abilities in computer systems, banking applications, regulatory.
• Application Controls including Web Applications
• Information Access Management
• Cloud Security
• Vendor Security
• Security policies and standards
• Security Frameworks (e.g., NIST, FFIEC)
• Operating Systems (Windows, Linux/UNIX, MVS)
• Database platforms (SQL, Oracle, DB2)
• Systems Development Life Cycle
• Data Governance
• Business Continuity Plan & Recovery Business
• Knowledge of the following systems is helpful: ITIL (Information Technology Infrastructure Library), ServiceNow, Splunk or related.

This role is based in our New York City location and is a hybrid role, with three days per week in office.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, age, genetic information, creed, marital status, sexual orientation, gender identity, disability status, protected veteran status, or any other protected status under federal, state or local law.

Salary Range

$120k-$160k base salary + annual bonus target

BBH’s compensation program includes base salary, discretionary bonuses, and profit-sharing. The anticipated base salary range(s) shown above are only for the indicated location(s) and may differ in other locations due to cost of living and labor considerations. Base salaries may vary based on factors such as skill, experience and qualification for the role. BBH's total rewards package recognizes your contributions with more than just a paycheck—providing you with benefits that enhance your experience at BBH from long-term savings, healthcare, and income protection to professional development opportunities and time off, our programs support your overall well-being.