YOUR LIFE'S MISSION: POSSIBLE
You have goals, dreams, hobbies and things you’re passionate about.
What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.
Don’t take our word for it.
• Military Times 2021 Best for Vets Employers
• WayUp Top 100 Internship Programs
• Forbes® 2022 The Best Employers for New Grads
• Forbes® America's Best Employers
• Newsweek Top 100 Most Loved Workplaces
• Fortune Best Workplaces for Women
• Fortune 100 Best Companies to Work For®
• Computerworld® Best Places to Work in IT
To lead and conduct highly complex IT and information security audits in order to assess risk and opportunities of Navy Federal’s technical activities. Provide high-level technical expertise to other Internal Auditors while supporting wide-ranging Internal Audit initiatives. Ensure compliance with federal and state regulations and established internal policies and procedures.
• Lead, coordinate, and conduct the most complex IT and information security audits in accordance with Navy Federal and industry audit standards
• Provide expert technical guidance and direction to Internal Audit staff regarding Navy Federal practices and industry audit standards on complex IT processes or systems
• Manage third party risk through facilitating Information Security penetration tests, and assessing cloud computing and service provider arrangements and controls
• Ensure audit consistency with corporate objectives by providing new procedures and/or changes of audit standards
• Act as Auditor-In-Charge on audits
• Conduct preliminary research to document process narratives, workflows, and to identify key risks and controls
• Coordinate announcement and kick-off of audit with senior management
• Develop a risk-based audit work program designed to test identified controls
• Coordinate with points of contact to obtain an understanding of established processes, procedures, and controls and request supporting evidence for testing
• Conduct audit testing by reviewing and analyzing audit evidence to determine compliance with policies and procedures and determine the operating effectiveness of controls under review within the time budgeted
• Evaluate changes in procedures and/or controls to verify their effectiveness
• Oversee project team members on assigned tasks by working with audit team to identify risks, develop audit programs, and resolve issues
• Monitor progress of audits and report delays and issues in overall audit to management
• Review and edit work papers of team members
• Prepare audit documentation for senior management to address what auditing procedures were performed, controls tested, results of testing and findings
• Identify risks within the department and/or organization and recommends revised effective and efficient processes
• Develop solutions to strengthen controls, improve products/procedures/services, and aid management decisions
• Partner with business areas to ensure corrective action plans are developed and implemented
• Consult with business areas as required on technical controls for new technology
• Assist in prioritizing technical risk and designing the annual IT audit program
• Prepare final audit summary reports for senior management, the President/CEO, and the Supervisory Committee
• Recommend improvements to audit processes
• Support Internal Audit applications
• Lead, guide and mentor less experienced staff
• Train and direct Internal Auditors regarding audit procedures, protocols, and effective controls surrounding regulatory compliance
• Prepare trainings to enhance department knowledge during staff meetings
• Stay abreast of and ensure compliance with applicable federal, state and industry laws, regulations and guidelines
• Perform other duties as assigned
• Bachelor’s degree or related field, or the equivalent combination of experience, education and training
• Expert knowledge of the internal audit function and processes, preferably in a financial institution
• Expert knowledge of Internal Controls concepts and practices and risk-based auditing techniques
• Significant experience in managing cross-functional, multi-dimensional teams and projects of the highest complexity which have business risk and impact
• Extensive experience as Auditor-in-Charge of complex, integrated IT or Information Security audits
• Extensive experience in IT and data analysis which includes analyzing full life-cycle effectiveness, reliability and accuracy of complex financial/IT/business systems
• Extensive experience in creating, generating and maintaining data, reports, queries, etc.
• Expert skill communicating complex technical concepts to non-technical audiences
• Significant experience in leading, guiding and mentoring others
• Expert skill presenting findings, conclusions, alternatives and information clearly and concisely
• Significant experience in managing multiple priorities independently and/or in a team environment to achieve goals
• Expert research, analytical, and problem solving skills
• Expert verbal and written communication skills
• Expert organizational, planning and time management skills
• Expert database and presentation software skills
• Expert word processing and spreadsheet software skills
• Expert skill to influence, negotiate and & persuade to reach agreeable exchange & positive outcomes
• Extensive experience working with all levels of staff, management, stakeholders, vendors
• Expert knowledge of project/program management processes and methodologies
• Ability to maintain confidentiality and demonstrate integrity
• Master’s degree or related field, or the equivalent combination of experience, education and training
• Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Project Management Professional (PMP), Certified in Risk and Information Systems Control (CRISC) designation
• Experience in information services or information security
• Experience with credit union financials and/or regulations
• Working Knowledge of NFCU products, services, programs, policies and procedures
Hours: Monday - Friday, 8:00AM - 4:30PM
Location: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Dr. Pensacola, FL 32526
Navy Federal is now hybrid! Our standard enterprise requirement for a hybrid schedule is to report on-site 4-16 days each month. The number of days reporting on-site will ultimately be determined by the employee's leadership and business unit needs. You will learn more throughout the hiring and on boarding process.
Salary Range: $98,500- $168,400 annually
Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.
Posting End Date: 04/25/23
Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume.
Equal Employment Opportunity
Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability
Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.
Bank Secrecy Act
Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.
This position is eligible for the TalentQuest employee referral program. If an employee referred you for this job, please apply using the system-generated link that was sent to you.