Manages a team of IT professional direct reports. Responsible for aligning IT resource allocation with NAAH priorities.
In partnership with Internal Audit Executive Management, establishes financial plan for the IT Audit team and manages to plan.
Oversees the execution of the IT audit plan across all NAAH businesses, ensuring scope and schedule are established for projects.
Oversees operating plan and resource allocation for the department, including prioritization and staff deployment, and acts based on changing priorities.
Directs assigned teams through risk analysis, control identification, and audit program development. Independently concludes on the effectiveness of controls through the review of work completed by others.
Has a thorough understanding of project management skills ensuring audits meet department and industry quality expectations and milestone dates.
Leads development of the initial NAAH IT Audit Plan for all NAAH business; communicates department / enterprise vision, strategies, critical success factors and plans;
develops plans to achieve department goals. Anticipates and manages IT process evolution and its related impact on the IT Audit process.
Sets direction based on alignment to enterprise objectives and direction.
Develops audit committee and management reporting materials for assigned NAAH responsibilities.
Initiates and fosters business partnerships with key IT stakeholders. Develops relationships that promote trust and increase efficiency and effectiveness.
Balances individual client needs with business priorities assuring alignment with business strategies and objectives.
Hires and manages IT team members and provides effective coaching. Determines staffing strategy and plan in coordination with the NAAH Management team.
In partnership with the NAAH Management team defines individual performance commitments and development plans and ensures alignment with business and department objectives.
Appraises and evaluates department and individual performance and makes compensation recommendations; oversees the appraisal process.
In partnership with the NAAH Management team formulates and executes continuous process and organizational improvement direction and programs which enhance overall effectiveness.
Ensures processes under review are documented / analyzed.
Develops and maintains a network of industry contacts; performs or directs research on industry trends, competitors, business products;
analyzes trends and makes strategic and tactical recommendations. Maintains a thorough understanding of changes in audit practices, regulatory requirements, and risk frameworks to understand their impact to internal auditing and Munich Re.
Proposes audit approach updates based on these changes.
Keeps abreast of changes in IT audit practices, regulatory requirements, and IT Risk frameworks to understand their impact to internal auditing and Munich Re.
e.g. NIST Cyber, CSC, COBIT, ISO2700x). Proposes audit updates based on these changes.
Education : Requires in depth IT Audit knowledge as typically acquired through a bachelor’s degree or equivalent experience in Computer Science, Management Information Systems or a comparative field.
Work Experience : Ten or more years of IT Audit experience or related work experience in information technology with a focus on security, risk management, or controls.
Management experience required; in an internal audit function is preferred. Established experience managing a team, and the ability to take initiative to influence and drive results within a complex organization.
Extensive IT auditing skills or hands on technical experience. In-depth knowledge of project planning methodologies and tools, system development methodologies and IT standards and guidelines.
CISA Certification required but waived if CISSP obtained. CISSP or other technical / IT security certifications are a plus.
Thorough knowledge of IT auditing, regulatory requirements, and security standards to understand their impact to auditing and Munich Re (e.
g. NIST Cyber Security Framework, CSC 20, COBIT, COSO, ISO2700x).
Excellent written and oral communication skills required.
Highly developed negotiation, facilitation and consensus building skills are required. Ability to build a strong cohesive team and to coordinate and interact positively with other audit department teams.
Certifications and Advanced Degrees :