AECOM Manager, Audit Services Group – Information Technology in Los Angeles, California
Business Line AECOM Corporate
Position Title Manager, Audit Services Group – Information Technology
United States of America - California
Manager, Audit Services Group - Information Technology
In this Los Angeles based role we’re seeking someone to manage and participate in our Audit Services Group as an information technology audit professional. Audit Services Group is responsible for examining and evaluating the adequacy and effectiveness of the systems of internal controls that guide Company activities toward accomplishing primary business objectives. We will look to you to assist by identifying technology risks (IT), determining risk severity, and developing audit tests of controls and recommending remediation, as appropriate.
Responsible for management and execution of Risk Based IT audit efforts to ensure timely completion of audit engagements within established budgets, while adhering to ASG and IIA performance standards.
Anticipates the impact of new technologies and strategic initiatives of the Company on its Information Security and Privacy risk profile.
Tests layers of systems for information technology effectiveness and managerial control by assessing IT components of platforms and applications against internal standards, policies, procedures, and IT standards and frameworks.
Manages and assists with execution of regulatory compliance test work (e.g. General Data Protection Regulation (GDPR), Defense Federal Acquisition Regulation Supplement (DFARS), Sarbanes-Oxley (SOX)) by coordinating with process owners to identify and test controls, validate process documentation, analyze information technology and business information to identify improvement opportunities.
Demonstrates up-to-date expertise in Information Systems Audit and applies this to the development, execution, and improvement of action plans by providing expert advice and guidance to others in the information technology, security and privacy functions. Supports and aligns efforts to meet customer and business needs, and builds commitment for perspectives and rationales.
Communicates with key stakeholders and Audit Services Group management to confirm audit observations by reviewing audit documents and work papers, observations and recommendations for management, and assists with the resolution of key stakeholder and team issues.
Builds and supports partnerships with key stakeholders, process owners, and executive management, while maintaining independence and objectivity.
Supervise larger teams for responsible projects (up to 9 team members consisting of internal, external & offshore resources), providing guidance and writing performance reviews.
Prepare Audit Committee meeting materials such as summarizing audits completed, risk assessment results, or special presentations on topics of interest.
Assist with maintaining the department budget and other management duties.
Perform other duties as assigned or requested.
Undergraduate or graduate degree in technology or information security fields or other risk management field is preferred
Minimum of 6 years of experience, including 2 years in a managerial role
A professional certification (e.g., CISA, CISM, CISSP, CRISC, CGEIT) is required
Must have the ability to handle multiple tasks in a fast-paced environment
Demonstrable experience functioning well in different cultures and societies
Experience in reviewing organizational structures, business processes and associated IT applications, products and infrastructure
Experience in auditing technical platforms such as UNIX, Microsoft, Networks (routers, switches, firewalls) and databases (e.g. MS SQL, Oracle)
Knowledge of auditing data loss prevention program, cloud services, mobile technology, application security and software development methodologies
In-depth knowledge of Information Security and Information Technology Governance Frameworks (e.g. NIST, ISO, COBIT)
Awareness of changing company policies, organization, accounting procedures, government regulations and audit standards is required
Must have mature judgment and good administrative and organizational skills
Good leadership skills and the ability to take charge, demonstrate confidence to interact with all levels, set objectives, drive results, and be a supportive team player
Excellent communication skills and willingness to accept responsibility
Data analytics experience (e.g. SQL, Alteryx, Tableau) a plus, but not required
Must be willing and able to travel up to 35% including international travel (Valid passport required)
Local candidates preferred.
What We Offer
AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow. AECOM is an Equal Opportunity Employer.
At AECOM, employee's safety and security are our top Safeguarding core value. All employees are expected to set the highest level of safety expectation in their work, display the highest level of safe behavior, and actively participate in AECOM's Safety For Life Program. SH&E is a part of our company culture and participation is required for all employees.
NOTICE TO THIRD PARTY AGENCIES: Please note that AECOM does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Fee Agreement, AECOM will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, AECOM explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of AECOM.
Job Category Insurance and Risk Management
Business Group Corporate
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 185598BR
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.