Johns Creek, Fulton, US
Text size
aA+ aA-
Click here to print

sr. Manager, IT Audit

Country : USA USA

State : Georgia

County : Fulton County

Town : Johns Creek

Category : IT - Web

Contract type : Permanent

Availability : Full time

Company presentation

Macy's is proudly America's Department Store. For more than 160 years, Macy's has served generations at every stage of their lives. Customers come to us for fashion, value, and celebration. Macy's is also known for giving back to our communities.
Now is an exciting time to join Macy's. The face of retail is changing, and change requires innovation. With endless opportunities, you can begin anywhere and go everywhere at Macy's. Join a team of colleagues who are committed to excellence and leadership development. We want talent like you.

Job description

Job Overview:

The Internal Audit Senior Manager - IT plans and manages the execution of audits/advisory reviews conducted by the IT audit teams to assess risk, review policies & procedures, and test controls around Information Technology Operations, Security, Cloud Environments, Software Development, and Compliance functions. Other duties may be assigned to support related audit needs.

This position can be based in either Springdale, Ohio or John's Creek, Georgia.

Essential Functions:

  • Manage and supervise the execution of audits and/or advisory reviews of the Company's controls and procedures over the Company's Information Technology (IT) operations, infrastructure, security, and compliance processes in accordance with the annual risk-based audit plan for design and operating effectiveness of internal controls, including Sarbanes-Oxley related controls.
  • Manage a team to assess the strategic, security, compliance, and technology related risks and identify gaps/opportunities/key risks to gain efficiencies.
  • Coordinate and review interim audit results with management along with process improvement recommendations and participate in the preparation of audit reports / presentations.
  • Supervise and review the work of the assigned audit team to ensure it is in accordance with department and internal audit industry standards, providing them with on-the-job training and coaching, as well as constructive feedback at the conclusion of each engagement.
  • Plan for upcoming audits through a contribution of ideas on the methodology and approach for upcoming assignments based on discussions with business unit partners, the evaluation of risks in the current environment, independent research, industry standard IT control frameworks, annual risk assessments, and review of prior year's audit work papers, flowcharts and audit reports.
  • Lead the development and completion of the risk & control matrix at the engagement level for all projects.
  • Review, update, and approve detailed audit programs in advance of fieldwork to ensure the appropriate procedures will be performed to address identified risks.
  • Conduct interviews, analyze critical business processes, evaluating design and operating effectiveness of internal controls and identifying potential process improvement opportunities during the audit/advisory review.
  • Develop and maintain a strong working relationship with business partners and external auditors.
  • Support further use of data analytic tools and techniques to increase audit efficiency and testing coverage.
  • Support the annual risk assessment process, including meeting with management for risk identification and prioritization of audit activities, used in the development of the Annual Audit Plan.
  • Assist in the professional development of the audit team through coaching and delegating as well as developing and leading department-wide trainings.
  • Perform internal quality reviews of select audits and/or advisory reviews to ensure compliance with departmental and IIA Standards.
  • Assist in recruiting, interviewing, and hiring of audit candidates.
  • Monitor major company IT initiatives and projects and review internal controls under development.
  • Perform independent research and engage in industry related trainings to continue to build technical knowledge and understand current IT & security related trends.
  • Travel is approximately 5% - 10%.


Qualifications and Competencies:
  • Education/Experience: A 4-year undergraduate degree in a related field of study (e.g., Information Technology, Information Systems, Computer Science) is required. CISA or CISSP certification is required. 5+ years of relevant prior work experience required in either audit or a related industry. A strong knowledge of risk based advanced IT auditing in a dynamic and changing environment applying appropriate IT control frameworks (e.g., COBIT, PCI, FFIEC) to evaluate areas of risk is required.

  • Communication Skills: Excellent written and verbal communication skills required, along with the ability to read, write, and interpret instructional documents such as procedure manuals and reports.

  • Other: This position requires analytic and problem-solving ability to review and evaluate an operation's overall control environment. In addition, it requires the ability to demonstrate good judgment, professional skepticism, and a strong learning aptitude to understand the Company's business processes as well as the ability to work with minimal supervision and demonstrate a high level of drive and initiative.

  • Work Hours: Ability to work a flexible schedule based on business needs.

Click here to print

Fashion Jobs

IT Manager - End User Services

| Permanent | Bolingbrook

sr IT Manager Back Office Systems

| Permanent | Bolingbrook

IT Manager Application Security

| Permanent | Bolingbrook

IT Audit Manager

| Permanent | Denton

sr IT Manager Enterprise Integration

| Permanent | Bolingbrook

Analyst, Business IT

| Permanent | Brookshire

IT Manager ii, Logistics

| Permanent | Fort mill