VP Internal Audit - IT

Position Overview

The Vice President, IT Internal Audit plays a critical leadership role in assessing, monitoring, and strengthening the technology control environment across the bank. This role helps ensure that technology operations, infrastructure, cybersecurity, data, and digital transformation initiatives are conducted safely, securely, and in alignment with regulatory expectations. The successful candidate will lead complex audits, guide audit teams, and provide strategic insights to senior management on emerging technology risks.

Key Responsibilities

Audit Leadership & Execution

• Lead the planning, scoping, and execution of IT, cybersecurity, and data‑related audits across multiple business lines and technology domains.
• Oversee end‑to‑end audit processes, including risk assessment, control testing, documentation, reporting, and remediation validation.
• Ensure audit work meets professional standards (IIA, ISACA) and aligns with the bank's methodologies.

Risk & Control Advisory

• Evaluate the effectiveness of IT general controls (ITGC), application controls, cybersecurity controls, cloud governance, resilience, and data management frameworks.
• Provide advice on emerging technology risks including AI/ML, cloud transformation, DevSecOps, and digital platforms.
• Identify opportunities for control and process enhancements, ensuring recommendations are practical and risk‑aligned.

Team Leadership & Collaboration

• Mentor and develop junior auditors, supporting skills growth in cybersecurity, data analytics, cloud, and emerging technologies.
• Collaborate with business auditors to deliver integrated audits and cross‑functional risk assessments.
• Partner with technology leaders to promote a strong risk culture and transparency in issue management.

Regulatory Engagement & Reporting

• Prepare high‑quality audit reports and present key findings to senior management, risk committees, and governance bodies.
• Support regulatory examinations by coordinating responses, providing evidence, and addressing technology-related queries.
• Stay informed of regulatory developments affecting information security, technology operations, and financial services.

Required Qualifications

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Engineering, or related field.
• 8+ years of IT audit, risk management, cybersecurity, or technology experience within financial services or similarly regulated industries.
• Strong understanding of:
  • Cybersecurity frameworks (NIST, ISO 27001, CIS)
  • Cloud platforms (AWS, Azure, GCP) and associated controls
  • ITGC and SDLC/DevOps methodologies
  • Data governance, privacy, and resilience
  • Technology risk management and control frameworks (COBIT, FFIEC)
• Excellent verbal and written communication skills with the ability to convey complex issues concisely.

Preferred Qualifications

• Professional certifications such as CISA, CISSP, CRISC, CIA, or cloud security certifications.
• Experience with large‑scale digital transformation, cloud migrations, or platform modernisation.
• Expertise in data analytics tools (e.g., SQL, Python, Power BI) to enhance audit execution.
• Previous experience presenting to senior executives or audit committees.

Competencies

• Strong analytical and critical‑thinking skills.
• Ability to influence stakeholders and drive risk‑based decisions.
• High level of integrity, independence, and professional skepticism.
• Strong project management and multitasking capabilities.
• Commitment to continuous learning and adapting to emerging technologies.