NCR Corporation (NYSE: NCR) is a leading software- and services-led enterprise provider in the financial, retail and hospitality industries. NCR is headquartered in Atlanta, Georgia, with 36,000 employees globally. NCR is a trademark of NCR Corporation in the United States and other countries.
As an IT Audit Manager - Specialist, you will:
- apply best practice and leading-edge audit techniques to plan and implement audit activities over technical assurance projects as identified in the annual audit plan and in accordance with departmental strategy and priorities, particularly related to Information Technology.
- Identify technical related risks across all divisions and business functions. Recommend practical, appropriate, and cost-effective methods to reduce identified risk exposures and increase the strength of the overall IT control environment.
- Deliver high quality reports and presentations to senior management to raise the level of IT control awareness throughout NCR. Develop, maintain, and leverage ongoing IT related relationships with individuals across the business by effectively communicating the role of GIA within NCR.
This role is responsible for evaluating the effectiveness of technical related controls, identifying ineffective practices, risk-assessing the audit universe, recommending measures for improvements and monitoring compliance with policies and procedures. The IT Audit Manager - Specialist directs the work of 1 - 5 team members (does not necessarily mean this position will have these as direct reports). Specific accountabilities include executing successful audit fieldwork and drafting high quality reports which present issues and balanced conclusions that demonstrate a depth of business and technical knowledge. Additionally, will develop, maintain, and leverage ongoing relationships with individuals across NCR by effectively communicating the role and value of Internal Audit. Key Areas of Responsibility:
• Participating in the annual audit plan and related risk assessments. Providing subject matter expertise for corporate functions and divisional operations.
• Evaluating internal controls and interpreting field audit results for any internal control weaknesses and lack of compliance with internal procedures and policies which may result in inadequate, inefficient, or ineffective operations
• Determining root causes for control issues, developing practical solutions and value-added recommendations, and concluding as to the effectiveness and efficiency of overall controls and business practices
• Reviewing audit universe for inclusion or exclusion of new line of businesses, entities, risk evaluations and coordination with other groups involved in risk assessment activities (such as SOX related reviews)
• Participate in gathering and evaluating large amounts of data in a variety of company settings, providing trend analysis and operational, financial insights.
• Develop audit working papers in accordance with departmental standards to complete the audit work and to support the audit finding and recommendations to management
• Participate in developing audit programs, understanding the Company's financial and management policies and global processes
• Provide guidance to the audit team in the audit design, implementation and close out of audits including management recommendations and reports
• Provide oversight of staff including talent acquisition, retention, and development.
• Lead and/or assist with the implementation and use of Computer Assisted Auditing Techniques (CAATS) within GIA. Support the development and implementation of data analytics more broadly in the business Qualifications
• Professional certifications (CISA, CISSP, CISM, CRISC, PCI or similar designation)
• Bachelor's degree - information systems or related degree, strongly preferred
• The ability to travel up to 30% (domestic and international)
• Fluency in English (reading, writing and speech); additional language skills preferred.
• 4-5 years' relevant audit experience/an understanding of auditing techniques and the IIA standards. Experience to include public accounting and/or internal auditing.
• 2-3 years relevant supervisory experience, preferably in a matrixed environment
• Experience and knowledge of firewalls, IPS/IDS, Threat Management Gateway, Anti-Virus, Vulnerability Manager Tools, SIEM and penetration testing tools Preferred Requirements
• Strong functional skills with the right blend of business savvy, experience working in a team environment, evaluating policies and internal controls in an environment using emerging technologies, and experience in implementing best practices
• Strong communication and presentation skills, the ability to think strategically. Superb time management and organization skills.
• Knowledge of ForeScout NAC Tool, Cisco Identity Services Engine, McAfee EPO (AV) and McAfee ESM (SIEM Tool), Rapid 7 (Vulnerability Manager) and CyberArk (Privilege Access Management) and Cloud Security Training - Google and Azure
Offers of employment are conditional upon passage of screening criteria applicable to the job. EEO Statement
Integrated into our shared values is NCR's commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies
To ALL recruitment agencies: NCR only accepts resumes from agencies on the NCR preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR employees, or any NCR facility. NCR is not responsible for any fees or charges associated with unsolicited resumes.