IT Internal Audit Assistant Manager leading audits across cybersecurity and technology infrastructure. Collaborating within a global team to enhance control environments and risk resilience.
Responsibilities
Plan and execute complex, risk-based IT audits that strengthen our control environment, protect critical assets, and improve resilience.
Lead audits across cybersecurity, technology infrastructure, network operations, and cloud environments, leveraging data analytics and automation to enhance coverage and insight.
Operate within a global team where participation and value-add are key to the success of Corporate Audit Services and adherence to IIA Standards and internal methodology.
Plan and develop audit scope, programs, and procedures using risk-based methodologies; apply control frameworks (NIST CSF, CSA Controls, Mitre Att&ck) and map tests to regulatory expectations.
Manage projects (budget, timelines); review working papers for quality; coach and provide guidance to staff; ensure robust issue grading with clear root-cause analysis and risk articulation.
Help lead or support audit team in kick-off and closing meetings, effectively communicate audit objectives, scope, findings, and recommendations to management.
Work with business stakeholders on findings follow-ups to ensure implementation of recommendations.
Prepare crisp, concise audit reports for review by Senior Managers, Directors, and Chief Auditor.
Use data analytics (e.g., SQL, Python, Power BI) to test controls at scale and produce meaningful visuals to aid reports.
Participate in the development and modifications of the audit practices and tools as well as department initiatives.
Foster risk and control awareness across the organization by working with management and other line of defense functions.
Requirements
Post secondary in Information Technology, Cybersecurity, Computer Science, or a related field is required
Minimum 3 years of IT auditing experience, preferably within large public organizations or external audit firms.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.