Senior Manager, IT Audits

Senior Manager, IT Audits

At Algonquin-Liberty, we hire passionate people who care about doing the right thing for our customers. We are entrepreneurial, creative, and outcome-focused.

Here, your natural talent and achievements will flourish in an inclusive environment of teamwork, trust and continuous learning.

We are always pursuing excellence to exceed our ambitions goals, rewarding both the goal outcome and how we achieve it.

The Senior Manager, IT audits role is crucial in assessing and managing information technology risks within an organization by leading other auditors and overseeing the planning, execution, and reporting of IT and cybersecurity audit activities.

The role will work collaboratively with Corporate IT team to develop the IT risk and audit universe to implement a risk-based IT audit strategy aligned with the organization's objectives and strategic pillars.

Accountabilities

• Develop and implement an IT and cybersecurity audit strategy aligned with the organization's objectives, ensuring that IT controls are effective, efficient, and in compliance with industry standards and regulations.
• Supervise and mentor a team of IT auditors, managing their workload, performance, and professional development.
• Collaborate with various stakeholders, including senior management, the internal audit team, external auditors, and IT departments to ensure alignment and coordination in addressing IT audit findings and recommendations.
• Provide strategic input into significant IT decisions as a trusted advisor and evaluate the impact of new and emerging technology and technology risk on the organization’s processes and control environment.
• Stay up to date with emerging technologies, industry standards, and regulatory changes. Identify opportunities for process improvements and advise on best practices to enhance IT controls and mitigate risks.
• Lead department strategy working groups to drive department efficiencies including use of digital tools, streamlining processes and documentation, performance metrics, analytics, key performance indicators, and dashboards.
• Identify and evaluate potential risks and vulnerabilities related to information technology infrastructure, systems, and processes.

Establish processes to assess and prioritize risks.

• Collaborate with IT leadership team to determine the scope and objectives of IT and cybersecurity audits, including relevant systems, controls, and processes that need to be evaluated.
• Conduct IT and cybersecurity audits to assess the effectiveness of controls, accuracy of information, and compliance with policies, procedures, and regulations.

Evaluate the efficiency and effectiveness of IT operations, risk management practices, and governance processes.

• Develop and maintain a framework to assess and test IT controls, including access controls, change management, data security, disaster recovery, and business continuity.
• Develop insightful executive summaries contributing to audit reports that provide a fair and balanced assessment of governance, risk and control processes based on audit work performed.
• Prepare clear, concise, and accurate audit reports, highlighting key findings, recommendations, and action plans for management to address control weaknesses, non-compliance, and operational inefficiencies.

Education and Experience

• At least 10 years of progressive experience in IT Risk & Compliance, IT Audit, IT Governance, Operational Risk, developing, implementing, and managing IT risk programs with specific in-depth knowledge of cybersecurity, change management, governance, IT operations, business continuity and disaster recovery.
• Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or Certified Internal Auditor (CIA) are highly desirable.
• Archer eGRC and SAP experience is preferred.
• Extensive experience in IT audit, risk management, and information security, including experience in a managerial or leadership role.
• In-depth knowledge of industry frameworks and standards (e.g., COBIT, ISO 27001, NIST cybersecurity framework) and regulatory requirements (e.

g., SOX, GDPR, PCI-DSS).

• Strong understanding of IT infrastructure, systems, and application controls, as well as emerging technologies (e.g., cloud computing, blockchain, AI) and associated risks.
• Excellent analytical, problem-solving, and critical-thinking abilities, with attention to detail and accuracy.
• Effective communication skills, both verbal and written, to convey complex technical concepts to non-technical stakeholders.
• Exceptional leadership and people management skills to inspire and motivate a team, foster collaboration, and manage conflict.
• Strong project management skills, including the ability to prioritize tasks, meet deadlines, and manage multiple projects concurrently.
• Ethical behavior and integrity, maintaining confidentiality, and complying with professional and organizational codes of conduct.

J-18808-Ljbffr