Position Summary:

As an experienced IT audit professional, reporting to the Chief Internal Auditor, you will work independently in executing audits. The IT Audit Manager is primarily responsible for overseeing and conducting audits of the Company’s information systems, technology infrastructure, and operations to ensure compliance with internal policies, industry standards, and value for money audits. This role requires a deep understanding of IT processes, risk management, and auditing principles. The candidate will also assist the Chief Internal Auditor in managing the audit department operations.

As a member of the leadership team, the IT Audit Manager will, as needed, be involved in various corporate and inter-departmental IT and non-IT initiatives and projects where the candidate’s knowledge and skills will be leveraged to ensure effective governance, risk and mitigations processes.

Responsibilities:

Relationship management and advisory service

• Champion a customer focused culture to nurture client relationships and gain understanding of business priorities, IT operations, challenges, and plans while supporting corporate programs.
• Be a trusted source of knowledge / advise to the business and IT teams, and assist them with improving risk management, controls, and operational efficiency by sharing knowledge and skills.
• Provide risk assurance and advisory support for strategic initiatives as necessary, including the adoption of automation, machine learning, and AI ensuring governance, risk identification and mitigation processes are effective.
• Represent the Internal Audit team in corporate initiatives as required.

Audit

• Responsible for conducting IT process and regulatory compliance audits (e.g. PCI DSS, PIPEDA). This involves planning, conducting risk assessments, developing and executing audit programs to evaluate the effectiveness of IT processes and controls.
• Communicate the audit results to Senior Management verbally and through clear and concise audit reports summarizing findings, conclusions, and recommendations, and follow-up on the implementation of recommendations.
• Work closely with other Internal Audit team members to ensure all other audit activities are progressing as planned.
• Stay current with industry trends, regulatory changes, and emerging technologies to maintain a robust IT audit function.
• Lead the Internal Audit department in developing an AI strategy and adopting AI in our audit practice as applicable.

Risk Assessment

• In conjunction with the Chief Internal Auditor and other team members, oversee the development and execution of the annual Entity Risk Assessment exercise with the Senior Management team and the Board of Directors and reporting to the Board.
• Contribute towards the IT Risk Assessment exercise and liaise with the IT department to review and improve information risk management strategies and processes.
• Assist with Disaster Recovery and Business Continuity Planning test exercises.

Department administration

• In conjunction with the Chief Internal Auditor and other audit team members, develop and oversee the execution of the annual audit plan.
• Ensure the departmental policies and procedures are current.
• Provide guidance and foster a culture of continuous improvement and professional development within the audit team to increase the team’s efficiency and effectiveness.
• Drive change and leadership best practices.
• Other related duties as required or assigned.

Position Qualifications:

• One or more of the following or related certifications required:

  • Certified Professional Accountant (CPA)
  • Certified Internal Auditor (CIA)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified in the Governance of Enterprise IT (CGEIT)
  • Certified Information Systems Security Professional (CISSP)

• Bachelor’s degree in Information Technology, Computer Science, Accounting, or a related field.

• Experience with the following IT Security Frameworks preferred: Payment Card Industry Data Security Standards (PCI DSS), ISO 27001 / 27002, Control Objectives for Information and Related Technology (COBIT), NIST Cybersecurity Framework preferred.

• Minimum of 8 years of progressive experience in IT auditing, risk management, or a related field.

• Minimum of 4 years of experience as a manager.

• Prior experience leading and mentoring audit teams.

• Proven ability to build relationship at all levels of the organization.

• Must be pro-active and have a positive attitude.

• Strong written and verbal communication skills, with the ability to present complex information clearly and concisely.

• Demonstrated ability to work with internal stakeholders and external vendors

• Exposure to AI use in organizations or Internal Audit.

• Business oriented analytical and problem-solving skills with a keen attention to detail.

• Proven ability to manage multiple projects and priorities in a fast-paced environment.

• High level of integrity and professionalism, with a commitment to ethical standards and confidentiality.

Our Offer

• 407 ETR usage (taxable benefit)
• Competitive salary, bonus structure
• Competitive vacation package
• Community culture
• Continued education budget
• Expect excellence: Collaborative team, learn, and grow with a high-performance team

About 407 ETR

Highway 407 ETR is an all-electronic open-access toll highway located in the Greater Toronto Area in Ontario, Canada. The highway spans 108 kilometres from Burlington in the west to Pickering in the east.

407 International Inc. is the sole shareholder of 407 ETR and is owned by:

• Cintra Global S.E. which is a wholly owned subsidiary of Ferrovial S.A. (48.29%);
• Canada Pension Plan Investment Board (CPP Investments) and other institutional investors (44.20%); and
• Public Sector Pension Investment Board (PSP Investments) (7.51%)

Learn more at

407etr.com

.

Note: At 407 ETR, we are committed to fostering a diverse, equitable, and inclusive work environment. We value the unique perspectives and backgrounds of all individuals, and we firmly believe that our individual differences make us stronger as a whole.

Our commitment to inclusion extends beyond recruitment and encompasses an inclusive workplace culture through raising awareness, ongoing training, and encouraging feedback. We aim to create a safe and supportive environment where all employees can thrive.

Accommodation for disabilities or other grounds protected by human rights legislation are available upon request for candidates taking part in all aspects of the employment selection process.