Senior IT Auditor

GENERAL SUMMARY

The Senior IT Auditor is responsible for Information Technology (IT), Information Security (IS), and Integrated Audits as well as special projects under the direction of IT audit management. The Senior IT Auditor will assist Internal Audit management with project planning, execution, and reporting.

• Under the direction of IT Audit management, owns the execution of assigned key audit process areas (planning, testing, reporting and remediation testing activities) for IS, IT, and Integrated Audits in accordance with professional and department standards.
• Responsible for owning and executing assigned audit process areas from start to finish, including planning, audit execution (according to a risk-based approach), recommending internal control improvements, preparing audit reports and conducting remediation testing activities.
• Effectively manage the budget and deadlines and provide timely project updates to management for assigned audits.
• Demonstrate experience in IT, IS, IT application controls, business process control reviews, systems development/project reviews and IT general computer controls.
• Ensure the assigned audit deliverables (e.g., planning memo, audit report) meet department guidelines, and the conclusions are properly supported.
• Ensure assignments are completed within established time frames and that delays/issues/concerns are communicated to Internal Audit management in a timely manner.
• Partner with process owners to promote and support a culture of continuous process improvement and efficiency driving toward standardized practices.
• Stay abreast of emerging IT/IS risks issues in the areas applicable to the Bank.
• Obtain and maintain a general understanding of business activities, objectives, applicable laws, regulations, and associated risks to the Bank and industry.
• Identify opportunities for, and participate in approved special projects, investigations or other significant business issues.

• Bachelor's degree in Accounting, Finance, Information Technology or a related field is required.
• Minimum 3 years of IT/IS audit-related work experience in a public accounting or private industry internal audit, including at least 2 years in a Bank or Financial Services industry is required.
• Familiarity with one or more of the following areas is highly desirable:
  • IP networks infrastructure (network topology, switches, routers, firewalls, intrusion detection / prevention)
  • Windows active directory (policies, structure, elements)
  • Databases (SQL, Oracle, DB2, monitoring tools)
  • Mobile technologies (data leakage prevention, BYOD security)
  • Cloud Computing
  • Standards / Frameworks (CoBIT 5, ITIL, ISO 15504, ISO 20000, ISO 27000, ISO 31000, ISO 38500, NIST series 800 guidance)
  • Knowledge and understanding of Information Technology operating systems including mainframe, MS Windows, UNIX, and Linux.
• Ability to work independently and with others.
• Knowledgeable about the financial industry and related markets, regulatory bodies, and current industry events and trends.
• Deep understanding of risk assessment, audit methodology, and IT audit execution.
• Strong time management and organizational skills including the ability to manage multiple projects and competing priorities.
• Ability to exercise sound judgment in the execution of assignments and communication with others.
• Excellent verbal and written communication skills; interpersonal and presentation skills - ability to work closely and collaboratively with people at all levels in the department and within the organization.
• Strong analytical thinker and detail oriented with the ability to proactively identify issues and assist in resolution.
• Excellent computer skills, proficient in Microsoft Office products (Excel, PowerPoint, Word, etc.).

* CISA, CISM, CISSP or other relevant professional certification highly desirable

* Additional qualifications, such as CFE, CIA and CAMS also preferred

$70K - $110K / year
Pay determined based on job-related knowledge, skills, experience, and location.
This position may be eligible for a discretionary bonus.

Cathay Bank offers full‑time employees a competitive benefits package, including medical, dental, vision, life, long‑term disability, flexible spending accounts (FSAs), health savings account (HSA) with company contributions, voluntary coverages, and a 401(k) plan.

Cathay Bank is an Equal Opportunity and Affinative Action Employer. We welcome applications for employment from all qualified candidates, regardless of race, color, ethnicity, ancestry, citizenship, gender, national origin, religion, age, sex (including pregnancy and related medical conditions, childbirth and breastfeeding), reproductive health decision‑making, sexual orientation, gender identity and expression, genetic information or characteristics, disability or medical condition, military status or status as a protected veteran, or any other status protected by applicable law.