Leader, IT Audit Job in Toronto for Technical Safety BC | Jobs.ca

Leader, IT Audit

September 29 2021
Categories Accounting, Finance, Audio-Visual, Certification, Audit, Data Business Analyst, Health, Safety, Environment, Management, Consulting, Quality, Test, Inspection, Trades, Technicians, Construction
Toronto, ON

The Opportunity

The Leader, IT Audit is primarily responsible for conducting information technology/system audits to support and enhance Technical Safety BC’s information and technology ecosystem’s operational effectiveness, risk management, internal control, and governance. In this role, you will lead in providing Board assurance activities for the current business transformation system conversion project and other high-risk organizational projects. The position will also provide advisory services for senior management to improve its business operations and to reduce enterprise risks associated with both internal technology and regulated technical equipment that impact the success of Technical Safety BC’s strategy, goals and objectives.

The Internal Audit function at Technical Safety BC has an independent reporting structure to the Board of Directors.

Status: Regular, Full-Time, Excluded
Location: Anywhere in BC or head office in Vancouver, BC
Reports to: Director, Internal Audit

As a Leader, IT Audit, you will:

Lead and manage end-to-end assurance audits related to a business transformation system conversion project and IT related audits. This includes planning, preparation, execution, reporting, and follow-up, which assess multiple objectives such as project health, operational effectiveness and efficiency; reliability of internal and external reporting; effectiveness of IT processes and IT control environments, risk mitigation, and compliance with applicable laws, regulations, internal policies and procedures. This position is also accountable to providing assurance to the Board.

Assurance Function - Performs internal audits to the professional internal auditing standards using both traditional and agile audit methodology.

  • Planning: risk assess audit objectives cross-functionally and determine audit scope; prepare internal audit scoping documents.
  • Preparation: determine audit criteria in accordance to professional standards, review relevant documents, record and develop audit procedures and working papers; liaise with external auditors; coordinate audits with auditees.
  • Execution: perform fieldwork through interviews to collect information, observations, and reviews objective evidence; perform data analysis, benchmark with external organizations and research leading best practices.
  • Reporting: summarize and validate audit findings, identify process improvements, provide practical business solutions and prepare audit reports with recommendations to management; present audit findings to senior management and Board.
  • Follow-up: monitor status of outstanding audit action items; validate management’s actions prior to closure; prepare reporting for Senior Management and assist Director, Internal Audit in preparing materials for reporting to the Board.

Advisory Function – Consulting Services

  • Perform project governance and program reviews as requested by management.
  • Perform continuous auditing using Computer Assisted Audit Techniques (CAATs) on key high risks that impact on the organization’s strategy, goals, objectives, and projects.
  • Provide input to business units on the design of internal controls and governance processes for new initiatives relating to information systems, technology and advanced data analytics. This may include providing expert advise on security risks associated with the use of instrumentation and Internet of Things in regulated technologies that are under the mandate of Technical Safety BC.
  • Actively research and benchmark best practices in technology including information/data security with external organizations..
  • Participate in confidential investigations, as required, where fraud or other impropriety is suspected. Present results and provide expertise on risk mitigation and internal control practices.
  • Provide agile and dynamic view of IT risk, leverage data and technology to deliver assurance, and provide risk insights to improve internal processes and risk management.
  • Independently identify external and internal technology and security risk areas, and work collaboratively across the organization to mitigate risks.

Administrative Function

  • Liaise with subject matter experts (external consultants and internal stakeholders) and ensure they deliver the agreed upon services on a timely basis.
  • Support the Director, Internal Audit in developing annual risk-based Internal Audit Plan.
  • Manage internal audit projects within budget and schedule.
  • Support Internal Audit Team on specific projects to enhance the internal audit function.
  • Oversee employee and labour related issues, including workforce planning, coaching and performance management, when required.

Knowledge, Skills & Experience you have:

  • BS or MA in Management Information Systems, Information Security, Computer Science, or a related field.
  • Advance knowledge of information systems, information security, and emerging technologies either obtained through a degree in related studies and/or minimum 8-10 years of practical experience required.
  • Professional IT designation such as Certified Information Systems Security Professional (CISSP) and/or Certified Information Systems Auditor (CISA) is required.
  • Certified Internal Auditor (CIA) or related audit standard certifications is an asset.
  • Proficiency in concepts such as application development, technology governance, incident response, encryption standards, cybersecurity fundamentals, data security required.
  • Advanced knowledge of IT general controls, application controls, privacy principles for protecting data, cloud computing, source code repositories, software development tools, internet of things and emerging technologies required.
  • Experience with planning, executing, and reporting an audit.
  • Working in-depth knowledge of IT related frameworks (e.g. NIST, ISO, COBIT, SOX, and PCI) including tools such as MS Office, Audit Management and CAAT tools is preferred.
  • Proven agile project management skills in a multi-assignment environment is preferred.
  • Experience with cross-functional business applications, system securities, public sector and not-for-profit standards, payment card industry data security standard, business intelligence, system data conversions and fraud investigations are considered assets.
  • Successful completion of security screening requirements of the BC Public Service, which may include a criminal records check, and/or Criminal Records Review Act check, and/or enhanced security screening checks
  • Demonstrate sound understanding of internal controls and risk management principles

You can also be described as:

  • Quick, adaptable & results-driven – you are able to adapt quickly and be effective in new situations, with a focus on driving to results.
  • Creative problem solver – with your exceptional analytical and creative problem-solving skills you constantly think of new solutions to mitigate risks and resolve issues.
  • Influential communicator – your excellent interpersonal, oral and written communication skills give you confidence in dealing with people at all levels across the organization.
  • Risk mitigating – you have a successful track record of identifying key issues and risks that impacts on the organization and provide practical solutions.
  • Having sound judgment & discretion – your proven ability to maintain high confidentiality on all matters makes you a credible and trusted partner.
  • Detail-oriented & organized – you can see the big picture and also pay attention to the complex details within. You can quickly organize and prioritize a large amount of information, along with utilizing your project management skills to work on multiple projects at the same time.

About Technical Safety BC

Technical Safety BC is an independent, self-funded organization that oversees the safe installation and operation of technical systems and equipment across the province. In addition to issuing permits, licenses and certificates, we work with industry to reduce safety risks through assessment, education and outreach, enforcement, and research. Through simplification of our initiatives, we promote understanding and engagement, making safety accessible to everyone. As society changes, we create and adopt new ideas, skills, and tools that will enable us to meet the safety challenges of a highly-connected world.

We're always looking for exceptional people to bring new ideas, fresh thinking and the motivation to help shape the safety system in B.C. We are strongly committed to fostering diversity within our community. Technical Safety BC welcomes those who would contribute to further diversifying our organization, as we are an equal opportunity employer.

Our values guide our work.

  • We See Genius in Diversity
  • We Foster Confidence
  • We Make the Complex Simple
  • We Adapt

This opportunity will remain posted until filled; however, priority consideration will be given to those who apply early. To see a full list of our current opportunities or to learn more about Technical Safety BC, please visit our website at technicalsafetybc.ca.

Apply now!