IT Senior Auditor
Internal Audit Department
FirstBank PR
Our Company
At FirstBank PR, we strive to be trusted advisors to our clients, and our employees are the ones that ensure we deliver on our promise of excellence in personalized customer service. Our more than 3,100 employees in Puerto Rico, the Virgin Islands and Florida share a passion for excellent customer service. We are proud of our team because they are continuously surpassing our client's expectations.
Do you have a passion for helping customers, building relationships, and delivering extraordinary, personalized customer service? If your answer is yes, FirstBank is the number one place for you.
A Brief Overview
The IT Senior Auditor performs and leads complex information technology audits of business units, functions, and bank applications to assess the adequacy of the internal control environment and evaluate compliance with policies, procedures, regulatory requirements, and management's objectives. Audits may be conducted as stand-alone IT engagements or as part of integrated audits with other audit teams.
This role is responsible for leading significant portions of audit engagements, including planning, execution, evaluation of results, and documentation of audit conclusions, ensuring that audit procedures are aligned with the Internal Audit Department's goals, methodologies, and applicable regulations. The IT Senior Auditor applies advanced technical knowledge and professional judgment when assessing higher-risk and more complex IT areas, while providing guidance and support to less experienced audit staff during fieldwork, without having formal supervisory responsibilities.
What You'll Need to Succeed
· Perform and lead Information Technology audits for business unit applications and functions, executed independently or as part of integrated audit engagements.
· Lead the planning and execution of assigned IT audit projects in accordance with established audit objectives, scope, methodologies, and time budgets.
· Execute and monitor audit procedures to ensure timely completion of fieldwork and adherence to internal audit standards and regulatory requirements.
· Prepare, review, and maintain detailed audit working papers, ensuring completeness, accuracy, and appropriate support for audit observations and recommendations.
· Identify, document, and evaluate audit exceptions in accordance with established procedures and discuss results with the audited areas.
· Prepare and review audit observations, assist in the preparation of draft audit reports, and summarize audit findings and recommendations.
· Discuss and resolve review points raised by the IT Audit Supervisor, Assistant General Auditor, Senior Assistant General Auditor, and/or General Auditor, ensuring proper disposition prior to report issuance.
· Participate as observer in Disaster Recovery and Business Continuity tests and prepare the corresponding audit certifications, as applicable.
· Assist the IT Audit Supervisor and collaborate with the Assistant General Auditor on special projects, risk assessment activities, and audit initiatives.
· Provide guidance and technical support to audit staff and non-IT auditors during audit engagements, without having formal supervisory responsibility.
· Maintain management informed of audit progress, significant issues identified, and potential risks, escalating matters as appropriate.
· Maintain up-to-date knowledge of emerging technology trends and developments related to Information Technology Auditing, Information Security, Risk Management, Compliance, and regulatory expectations.
· Perform special projects and assignments as requested by the IT Audit Supervisor, Assistant General Auditor, Senior Assistant General Auditor, and/or General Auditor to support audit objectives, risk assessment activities, and management initiatives.
· Assist external auditors during annual integrated audits by providing information, documentation, and audit support, as applicable.
· Participate in system conversions, upgrades, and other significant technology initiatives from an audit and risk perspective, when assigned.
· Participate in Disaster Recovery and Business Continuity testing for critical applications and IT functions, supporting related audit activities and certifications.
· Submit recommendations to the IT Audit Supervisor and/or Assistant General Auditor regarding enhancements to IT audit techniques, methodologies, and procedures.
· Monitor compliance with continuing professional education requirements in accordance with Bank policies and professional standards.
· Safeguard confidential and sensitive information obtained through audit activities and ensure proper handling of audit documentation.
· Perform other routine or special duties related to the audit function, as assigned.
Competencies
· Strong knowledge of information technology environments, including infrastructure, databases, networks, applications, and information security.
· Solid understanding of IT risks, internal control frameworks (e.g., COSO, COBIT), and regulatory requirements (SOX, PCI, GLBA, among others).
· Hands-on experience in IT audit planning, execution, documentation, and reporting.
· Strong analytical and problem-solving skills, with the ability to evaluate complex issues and identify effective solutions.
· Effective oral and written communication skills in English and Spanish.
· Strong interpersonal skills with the ability to collaborate effectively with audit teams, management, and non-IT auditors.
· Demonstrates ownership, accountability, and initiative in meeting objectives, deadlines, and quality standards.
· Ability to adapt to change, work in dynamic environments, and contribute ideas to improve audit processes and practices.
· Proficient in Microsoft Office applications and audit tools (e.g., ACL, IDEA, or equivalent).
What You'll Need
· A Bachelor's Degree in Information Systems or Computer Science is required for this position.
· The incumbent must have at least four to 7 years of experience on a similar position.
· CISA certificate is recommended but not required.
Disclaimer: The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, skills required of personnel so classified. The reporting relationship may not reflect the most recent changes to the corporate reporting structure.
EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER
