Associate, IT Internal Audit

Fortitude Re’s Associate, IT Internal Audit provides independent and objective assurance, advice, and insight guided by a philosophy of adding value to improve the operations of Fortitude Re. The Associate, IT Internal Audit assists Fortitude Re in accomplishing its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of Fortitude Re’s control environment including risk management, operational, financial, internal control, and governance processes.  We are looking for candidates that are proactive, continuous learners and open to improved ways of doing things, both with business stakeholders in the development of solutions to problems and internal audit processes.  We see this role as an opportunity for internal mobility and to take on additional responsibilities within the organization.  
 
What You Will Do: 

As an Associate, IT Internal Audit you will be part of Fortitude Re’s growing audit team in the Nashville, TN or Jersey City, NJ offices and can work a hybrid schedule. You will report directly to the Head of IT Audit and collaborate with Fortitude Re stakeholders, counterparties, external auditors and third-party service providers to:

• Support the internal audit function in executing their responsibility to test the Company’s SOX and MAR controls
• Support the internal audit team to identify and analyze the inherent IT risks and the controls that management has implemented to mitigate their risks
• Validate that the Company operates in a controlled environment with appropriate risk-management processes.
• Evaluate the adequacy and effectiveness of the Company’s IT internal controls using a risk-based methodology developed from professional auditing standards.
• Contribute to the overall effectiveness and value of internal audit by recommending and developing innovative approaches and solutions (e.g. the use of data analytics, automation, and agile audit methodologies)
• Assist in the execution of all phases of the audit, including scope determination, audit planning, fieldwork and testing, discussion and documentation of findings, and report writing.  Ensure the execution of the audit plan within departmental methodologies and standards.
• Assist with working with the Internal Audit team in documenting the business processes dependent on information technology.
• Support the on-going communication with business line management to follow-up on previously identified audit issues, as well as execution of testing to verify closure
• Support the internal audit team to clearly and concisely communicate audit results or other key messages to a variety of constituents, including senior business and audit management, and advise on emerging industry or regulatory topics/issues that may impact audit coverage
• Support the internal audit team to continuously update the IT business risk and IT control environment assessments, including key risks and controls, through periodic meetings with management, ad-hoc walkthroughs, monitoring of key business metrics and data analytics
• Some travel may be required

What You Will Have:
 

• 2 years of relevant internal or external audit or risk management experience
• Bachelor’s or Master’s degree in Computer Science, Management of Information Systems, or another relevant subject
• Certified Information Systems Auditor (CISA) preferred, or willing to pursue
• A certified professional designation (e.g., CPA, CIA, CRISC, CISSP), is expected
•  Experience in auditing IT general controls (ITGCs) and IT control testing of applications, operating systems, and databases
• Experience with common IT risk management frameworks such as COBIT, FFIEC, ITIL, NIST, ISO27001, etc.
• Experience in testing SOX/MAR controls and working knowledge of the COSO 2013 framework is advantageous
• Excellent verbal and written communication skills.
• Highly motivated and committed to learning and progressing