IT Audit Manager

Must currently reside in the OKC metro area. Responsibilities Support the Internal Audit Director in developing the annual risk-based IT audit plan and lead the execution of complex audits, including IT general and application controls, cybersecurity, data governance, AI governance, and emerging technology risk assessments. Evaluate the design and operating effectiveness of infrastructure, system, and business controls related to operational, compliance, financial reporting, and technology-enabled business processes, with a focus on efficiency, scalability, and evolving regulatory expectations. Manage IT Audit staff and external resources assigned to technology-focused audit engagements, including traditional IT controls as well as audits related to AI, automation, cloud computing, and other emerging technologies. Assign and monitor audit progression, approve audit programs, review workpapers and findings, draft and finalize audit reports, manage engagement budgets, and ensure audits are executed in accordance with professional standards and departmental methodology. Act as a key relationship manager between Internal Audit and IT, data, and business stakeholders, including leaders responsible for IT operations, cybersecurity, data management, AI systems, and technology governance. Participate in IT and enterprise governance forums (e.g., cybersecurity, data, AI/automation committees), and present audit results, risk insights, and emerging technology observations to senior and executive management. Technical Skills and Requirements Bachelor’s degree from four-year college or university in Accounting, Auditing, Management or Insurance; commensurate experience accepted in lieu of degree. 10 years experience: 5 years of audit or IT security and 5 years of IT experience. Certified Information Systems Auditor (CISA) required; CISSP, CISM, CRISC, CIA or other audit or information security-related certifications preferred. Experience in audit planning, performing complex audit projects and supervision of projects. Experience in risk analysis and corrective measures to mitigate business risks. Experience in identifying and analyzing control framework established to protect corporate assets. Knowledge of information security principles and best practices. Thorough knowledge and experience with General Computer Controls and Application Controls, including Change Control, Systems Development Life Cycle, Application Security, Disaster Recovery, Data Warehousing, Project Management, Operating Systems and Databases. Experience with COBIT, IIA, MAR or SOX, COSO, NIST, PCI, HIPAA and ISO 27000 series frameworks. General project management experience a plus. Strong oral and written communication skills, including outstanding interpersonal and consultative skills. Demonstrates a high level of administrative competence and excels in analyzing and adjusting organization procedures for maximum efficiency. Knowledge of professional standards required to perform audits, industry best practices and regulatory/criminal law related to industry. Self motivated, ability to prioritize and ability to perform multiple tasks related to responsibilities. Understanding of company and affiliates structure, products and systems. Ability to initiate and coordinate activities to meet goals and objectives, achieve delivery of annual audit plan, and stay within established monetary and time budgets. Proven leadership, motivational, mentoring and training skills. Good and reasonable judgment exhibited by prior performance. Diplomacy ability to diffuse and resolve volatile situations and achieve a positive solution. #J-18808-Ljbffr AFC American Fidelity Corporation