Senior Associate, IT Audit
Discover. A more rewarding way to work.
At Discover Financial Services, you’ll find yourself in the company of some of the industry’s smartest and most reliable professionals. And at a company that rewards dedication, values innovation and supports growth.
Thrive in an environment that promotes teamwork and shared success. Build on a foundation of mutual respect. Join the company that understands rewarding careers like no other, with this exceptional opportunity:
At Discover Financial Services (DFS) you will find yourself in the company of some of the industry’s smartest and most reliable professionals. And at the company that rewards dedication, values innovation and supports growth. Thrive in an environment that promotes teamwork and shared success. Built on the foundation on mutual respect. Join the company that understands rewarding careers like no other.
The Internal Audit Senior Associate uses operational and technical skills to support the DFS Internal Audit Department objectives. With minimal supervision from the Lead and Supervisor the Internal Audit Senior Associate is assigned to a schedule of internal audit reviews where they will follow the DFS Internal Audit methodology, interview clients, create process flows and narratives, review business processes, identify and assess controls, test key controls, develop findings and communicate with clients to develop and follow up on action plans.
The audits and special reviews will be of the Direct Banking (Marketing, Operations, Consumer Banking and Credit Risk Management), Human Resources, Finance, Corporate Risk Management, Payment Services, IT General Controls, IT Network and Infrastructure, Models, Corporate Support, with an objective to improve controls and efficiencies of the activities reviewed. Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes
General Internal Audit Requirements:
- Audit Lifecycle: (Planning, fieldwork, reporting, post reporting, budgeting/resources) :
- With minimal oversight from the Lead or Supervisor:
- Demonstrate an awareness of Internal Audit Methodology by actively participating in every phase of the audit including planning, fieldwork and reporting (i.e. International Professional Practices Framework (IPPF) and Committee of Sponsoring Organizations (COSO) 2013)
- Complete assigned audits/audit tasks using department tools, standards and guidelines within established timetables with high quality results
- Possess an understanding of the how various aspects of an audit are related to the overall scope of the audit
- Escalate potential findings in a concise format to the audit lead for discussion
- Document work papers and findings in accordance with Internal Audit Methodology or direction provided by the lead in a concise and logical manner
- Identify, assess and document risks and controls in the automated work paper tool
- Assist with drafting all aspects of the Internal Audit Report
- As a Senior Associate independently:
- Understand how applications and related Information Technology (IT) General Controls support achievement of business processing objectives
- Demonstrate efficiency and effectiveness of managing their own time with limited supervision to consistently meet deadlines and audit engagement objectives.
- Communicate (verbally as well as written) findings to lead and internal audit management for discussion
- Attend walkthrough meetings and document narratives/flowcharts
- Discuss, develop and negotiate findings with clients to facilitate documentation in accordance with the departmental style guides
- Follow-up of assigned actions from the audit (status updates and verifications)
- Strategic Thinking: (Thought leadership practices):
- Participate in special projects or other duties as assigned
- Contribute to Department Initiatives to improve Internal Audit processes and assist the department in achieving its purpose and meeting its goal
- Develop skill sets by meeting required training and obtaining advanced degrees and/or certification pursuant to department guidelines
- Multi-task work to meet established timeframes of several jobs (audits, special projects, verifications, etc.)
- Informational Technology
- Analyze the IT environment to identify application and infrastructure risks and controls as they relate to the relevant business risks.
- Coordinate application reviews and act as the IT resource in integrated audits
- Enhanced knowledge of COBIT 5.0 frameworks
- Bachelor’s Degree in Business Administration, Computer Science, Information Systems Administration or an alternative technology related field
- 3+ years of IT, internal audit, or consulting experience
- Good understanding and knowledge of business risks related to general system controls, systems / applications development, change management, cyber security and logical access security, local area network and wide area network concepts, network security mechanisms, contingency and recovery
- Working knowledge of UNIX and Windows environments
- Knowledge of Sarbanes-Oxley, COSO, ISO27001/ISO27002, NIST Cybersecurity framework and COBIT 5.0 frameworks
- Good knowledge of data management, data protection, and data loss prevention risks and controls
- Working knowledge of IBM Mainframe environment and databases (distributed and mainframe)
- Experience in Financial Services, Banking, Credit Card or Public Accounting preferred
- Experience in compliance, risk management activities, audit, or regulatory examinations helpful
- Individuals that have achieved professional credentials, or are working toward professional certification preferred (CIA, CISSP, CISA, or other relevant certification)
- Open to minimal travel requirements (5% – 10%)
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.