Position Overview:

The SVP candidate will be a key member of the Information Technology Audit Team with responsibility for leading the development and expansion of audit coverage over the IT audit coverage of Infrastructure, Information Security, and business aligned Technology, including business applications. The role is responsible for performing complex and critical audits and assessments of Jefferies risk and control environment in coordination with the global audit team.

Responsibilities include:

• Maintain compliance with audit methodology, while also operating within industry best practices, applicable accounting and business regulations, and internal and external professional practice expectations.
• Maintain IA’s approach to opining on the quality of Information Technology.
• Supervise and coordinate work assignments amongst audit team members. Provide timely feedback, on-the-job training, and coaching to audit staff and direct reports.
• Directly oversee a portion of the auditable universe for Infrastructure, Information Security, and business aligned technology, including risk assessment, continuous monitoring, annual planning, and execution of the audit plan.
• Collaborate with other IA teams to ensure appropriate coverage and assessment of IT where required by legal entity or regulatory requirement.
• Lead walkthrough meetings and interviews with business/IT stakeholders to develop understanding of technology processes.
• Lead formal discussions with technology stakeholders throughout the duration of audit engagements to communicate status or concerns.
• Identify potential risks and controls and lead development of audit scope and work programs.
• Evaluate design and operating effectiveness of internal controls and identify control weaknesses.
• Generate insightful, meaningful observations that effectively convey significance and impact on risk and/or risk management practices, reporting findings and audit issues to Audit Management.
• Document and review workpapers demonstrating the work was appropriately performed (e.g., detailed lead sheets describing the control attributes that were tested and the results were documented in a manner to support the conclusions reached, effectiveness and sustainable controls are evident in documentation). Documentation should stand alone to enable re-performance.
• Complete work on a timely basis and deliver work products that meet objectives and standards of methodology, applicable standards, and regulatory requirements.
• Lead development of audit reports (or similar deliverables) using appropriate business and technical language.
• Build relationships with peers and stakeholders and exhibit a high standard of performance and professional conduct that will create a culture of integrity and inclusion; where all individual and departmental choices are rooted in good judgment and support Jefferies values and corporate culture.
• Demonstrate strong professional skepticism and personal accountability.

Desired Background and Skills

• A bachelor’s or master’s degree in a relevant field (e.g., accounting, business administration, finance, MIS, cyber security, computer science, etc.)
• Minimum of 10+ years of relevant experience in technology, security, infrastructure, or relevant areas and/or internal audit experience preferred, including experience assessing internal control frameworks and testing of design & operational effectiveness of controls.
• Relevant certification preferred (e.g., CISA, CISM, CISSP, CIA, CPA, etc.)
• Advanced understanding of concepts related to information systems audit, including information security, cloud and virtual technology services, operating systems, database, middleware, infrastructure technology, threat & vulnerability management, problem & incident management, change management, application development, networking, resilience, logical and physical access security, etc.
• Familiarity with IT governance frameworks and guidelines (e.g., ITIL, COBIT, NIST, CIS, FFIEC, etc.), as well as technology architecture, data governance, and cloud.
• Candidates must have strong written and verbal communication skills, the ability to adapt to change, be flexible and open minded. The candidate must also demonstrate the ability to be decisive and committed to accomplishing task.
• Ability to identify and apply analytics approaches to deliver high quality audits, including familiarity with data analytic and visualization tools such as Excel, Access, Alteryx, or Power BI.
• Employs critical thinking skills to identify pragmatic recommendations within an evolving and increasingly complex regulatory and risk management environment.
Ability to work well individually, and in teams, share information, support colleagues, and encourage participation.

Primary Location: New York Full Time Salary Range of $200,000-$220,000

#LI-MB1