Audit and Third Party Risk Specialist
- Liaise with internal stakeholders on an ongoing basis during the audit relative to plans, objectives and results.
- Document, Present and discuss findings and action. Ensure that action items are thoughtful, relevant, constructive, actionable and address the root causes of the issues identified.
- Prepare and/or review audit documentation in accordance with audit objectives and quality standards for review.
- Evaluate internal stakeholders’ response to audits and report to senior management on appropriateness.
- Liaise with the external auditors and provide commentary on the external audit plan in consideration of the sufficiency of the overall audit approach.
- Lead and oversee external audit reviews with external auditors, in coordination with and direction from the Director of Risk and Compliance.
- Follow up on external and internal audit review findings, understand various ITGC controls and how to identify those and implement them to remediate or address compliance and audit requirements.
- Works independently to plan, organize, and establish audit objectives, priorities, methodology and procedures, including the preparation of the annual audit risk assessment and the audit plan.
- Independently plans and coordinates the completion of a set of projects, ensures that all audits are executed, documented, communicated.
- Independently concludes on whether risks are being effectively handled.
- Assist on the development of Third Party Risk Management standards and tools that align to industry practices and ensure effective processes to identify, measure, manage, monitor and report on Third Party risks.
- Acts in a consultative capacity, providing advice to teams on third party risk; and Provides advice and counsel as it relates to TPRM in cross functional discussions on compliance matters, integration, due diligence, and other regulatory requirements.
- Liaises with Internal Audit and Risk on issues related to TPRM.
- Accountable to present to executives and leaders to ensure that third part risk mitigation plans and strategies are effectively implemented.
- Engages with the Director of Risk and Compliance to investigate, escalate and remediate third party risk events and risk incidents;
- Responds to as well as initiate and oversee Internal Audit and Enterprise Risk requests for information and documentation to support testing and monitoring;
Other Points of Understanding
- Sr Specialist level/ Individual Contributor role
- SelfDirected person – bear the load of the team
- Years of Experience >5
- Each audit is considered its own project
Required Skills and Experience
- Audit engagement experience, leading and orchestrating projects with people with different disciplines within the organization
- Translator – technical and operational to and from business ”language” or level
- Audit & Risk understanding and experience
- Industry – not critical, nothing that is segment specific
- Great communication skills
- Influence without authority
- IT Controls Background
- CISSP Certification strongly preferred
- ITGC – IT governance Control auditing
- Auditing certifications strongly preferred – ISO2001, CISA,
- Travel – up to 30%
Please forward your resume and a covering letter to firstname.lastname@example.org with “Audit and Third Party Risk Specialist" in the subject line. We will only be contacting those individuals who we believe are the best potential fit with our requirements.
At Ethoca, we welcome job applications from qualified individuals without regard to race, color, religion, sex, national origin, age, disability, ancestry, family care status, veteran status, marital status, or any other lawfully protected status in every jurisdiction in which we operate. We are committed to a diverse workforce that provides fair and equal opportunity for all employees and candidates. We will only be contacting those individuals who we believe are the best potential fit with our requirements.