AECOM Manager, Audit Services Group – Information Technology in Los Angeles, California

Business Line AECOM Corporate

Position Title Manager, Audit Services Group – Information Technology

United States of America - California

Los Angeles

Job Summary

Manager, Audit Services Group - Information Technology

In this Los Angeles based role we’re seeking someone to manage and participate in our Audit Services Group as an information technology audit professional. Audit Services Group is responsible for examining and evaluating the adequacy and effectiveness of the systems of internal controls that guide Company activities toward accomplishing primary business objectives. We will look to you to assist by identifying technology risks (IT), determining risk severity, and developing audit tests of controls and recommending remediation, as appropriate.

  • Responsible for management and execution of Risk Based IT audit efforts to ensure timely completion of audit engagements within established budgets, while adhering to ASG and IIA performance standards.

  • Anticipates the impact of new technologies and strategic initiatives of the Company on its Information Security and Privacy risk profile.

  • Tests layers of systems for information technology effectiveness and managerial control by assessing IT components of platforms and applications against internal standards, policies, procedures, and IT standards and frameworks.

  • Manages and assists with execution of regulatory compliance test work (e.g. General Data Protection Regulation (GDPR), Defense Federal Acquisition Regulation Supplement (DFARS), Sarbanes-Oxley (SOX)) by coordinating with process owners to identify and test controls, validate process documentation, analyze information technology and business information to identify improvement opportunities.

  • Demonstrates up-to-date expertise in Information Systems Audit and applies this to the development, execution, and improvement of action plans by providing expert advice and guidance to others in the information technology, security and privacy functions. Supports and aligns efforts to meet customer and business needs, and builds commitment for perspectives and rationales.

  • Communicates with key stakeholders and Audit Services Group management to confirm audit observations by reviewing audit documents and work papers, observations and recommendations for management, and assists with the resolution of key stakeholder and team issues.

  • Builds and supports partnerships with key stakeholders, process owners, and executive management, while maintaining independence and objectivity.

  • Supervise larger teams for responsible projects (up to 9 team members consisting of internal, external & offshore resources), providing guidance and writing performance reviews.

  • Prepare Audit Committee meeting materials such as summarizing audits completed, risk assessment results, or special presentations on topics of interest.

  • Assist with maintaining the department budget and other management duties.

  • Perform other duties as assigned or requested.

Minimum Requirements

  • Undergraduate or graduate degree in technology or information security fields or other risk management field is preferred

  • Minimum of 6 years of experience, including 2 years in a managerial role

  • A professional certification (e.g., CISA, CISM, CISSP, CRISC, CGEIT) is required

  • Must have the ability to handle multiple tasks in a fast-paced environment

  • Demonstrable experience functioning well in different cultures and societies

  • Experience in reviewing organizational structures, business processes and associated IT applications, products and infrastructure

  • Experience in auditing technical platforms such as UNIX, Microsoft, Networks (routers, switches, firewalls) and databases (e.g. MS SQL, Oracle)

  • Knowledge of auditing data loss prevention program, cloud services, mobile technology, application security and software development methodologies

  • In-depth knowledge of Information Security and Information Technology Governance Frameworks (e.g. NIST, ISO, COBIT)

  • Awareness of changing company policies, organization, accounting procedures, government regulations and audit standards is required

  • Must have mature judgment and good administrative and organizational skills

  • Good leadership skills and the ability to take charge, demonstrate confidence to interact with all levels, set objectives, drive results, and be a supportive team player

  • Excellent communication skills and willingness to accept responsibility

  • Data analytics experience (e.g. SQL, Alteryx, Tableau) a plus, but not required

  • Must be willing and able to travel up to 35% including international travel (Valid passport required)

Preferred Qualifications

Local candidates preferred.

What We Offer

AECOM is a place where you can put your innovative thinking and business skills into high gear and work alongside other highly intelligent and motivated people. It's a place where you can apply your skills to some of the world's most challenging, interesting, and meaningful projects worldwide. It's a place that values the diversity of our areas of practice and our people. It's what makes AECOM a great place to work and grow. AECOM is an Equal Opportunity Employer.

At AECOM, employee's safety and security are our top Safeguarding core value. All employees are expected to set the highest level of safety expectation in their work, display the highest level of safe behavior, and actively participate in AECOM's Safety For Life Program. SH&E is a part of our company culture and participation is required for all employees.

NOTICE TO THIRD PARTY AGENCIES: Please note that AECOM does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Fee Agreement, AECOM will not consider or agree to payment of any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, AECOM explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of AECOM.

Job Category Insurance and Risk Management

Business Group Corporate

Country United States of America

Position Status Full-Time

Requisition/Vacancy No. 185598BR

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.