Pearson IT Audit Manager in Boston, Massachusetts
IT Audit Manager - ( 2104582 )
At Pearson, we exist to help learners achieve their potential through learning at every stage of their lives, creating a better, more equitable world in the process. We have more than 20,000 employees that deliver our products and services in nearly 200 countries, all working towards a common purpose – to help everyone achieve their potential through learning. We do that by providing high-quality, digital content and learning experiences, as well as assessments and qualifications that help people build their skills and grow with the world around them. We have a long history of making a positive social and environmental impact and ensuring we operate to the highest standards of ethics and governance.
As an IT Internal Audit Manager, you will be responsible for leading the planning, execution and reporting of varied IT and cybersecurity audit projects to time and quality in a professional, engaged, and responsible manner. You will take the lead in communicating results to Senior Management and be key to the Internal Audit team building strong relationships with stakeholders across the business. You will report to one of the Audit Directors and support the Internal Audit Leadership team with audit planning, reporting, and improvement activities as needed.
Pearson’s Internal Audit team is collaborative and forward-looking. This role offers a good opportunity for someone who would relish being part of a supportive team, working in an international environment, auditing across a diverse and fast-changing technology and digital environment, and developing relationships with Senior Management. The work will involve up to 20% domestic and international travel. The role is open to candidates in the US. Working from home is an option, but candidates need to be willing and able to travel to Hoboken, New Jersey for team meetings and other events.
Leading the delivery of complex technology, cybersecurity, and integrated audits from designing an approach, planning, and scoping through proactive discussions with business and IT management, to report issue and file closure, including application, infrastructure, and security audits.
Completing project reviews across the project lifecycle including areas from inception, design, stage gates and reporting through to benefits tracking and post-project evaluation.
Discussing audit findings with management and ensuring appropriate actions are agreed to mitigate risks identified.
Preparing clear and concise reports, with commercially relevant recommendations to improve the internal control system and address weaknesses and process inefficiencies identified.
Following up on the effective implementation of agreed actions, liaising closely with actions owners and business management.
Building and sustaining positive working relationships with colleagues in Internal Audit and stakeholders in technology and the wider business.
Supporting and coaching junior members of the team.
Completing ad-hoc projects and supporting investigations as required.
Being aware of developments in audit techniques and adapting and championing these to support continuous improvement in the way we work.
Pearson is an Equal Opportunity and Affirmative Action Employer and a member of E-Verify. All qualified applicants, including minorities, women, protected veterans, and individuals with disabilities are encouraged to apply.
Degree or equivalent level (in Information Security, Computer Science, or similar)
Recognized IT audit or information security qualification (e.g. CISA, QICA, CISSP, CRISC, ISO27001 Lead Auditor, SSCP)
Four or more years' practical experience of cybersecurity and IT auditing across IT processes, applications, infrastructure, IT security, and emerging technologies, able to understand processes and controls and identify potential risks to the business.
Good knowledge of IT risk management, security and control and a clear understanding of the relationship between technology and business risk.
Working knowledge of cybersecurity controls, network architecture, website platform development, secure coding, and virtual computing.
Able to grasp complex technology issues and develop practical solutions.
Good organisational skills, able to handle multiple assignments simultaneously, resolve problems, and deliver to deadlines.
Good communication, relationship building and influencing skills – both written and verbal – able to communicate technical issues and recommendations to both technical and non-technical audiences at different levels in the organization.
Collaborative approach to working within a team and with colleagues across the business.
Digital and commercial focus.
Flexible, innovative, self-motivated, critical thinker with the ability to leverage skills in new situations.
Comfortable working independently in a relatively unstructured environment without the need for constant direction.
Experience of auditing web applications and services, network, operating system, and database security.
Experience of using cybersecurity and industry frameworks and standards such as NIST CSF, ISO 27001/2, PCI DSS, COBIT, and ITIL.
Experience of auditing Agile software development methods.
Experience of data analysis tools (e.g. IDEA, Tableau, Alteryx) and ability to support complex data extraction and analysis requirements.
Exposure to major ERP systems, preferably Oracle.
#LI - POST
Primary Location : US-NJ-Hoboken
Other Locations : US-IA-Cedar Rapids, US-MN-Bloomington, US-TX-San Antonio, US-IA-Iowa City, US-IL-Bloomington, US-NC-Raleigh, US-MA-Boston, US-AZ-Chandler
Work Locations :
US-MN-Bloomington-5601 Green Valley
5601 Green Valley DriveSuite 220
Job : Finance
Organization : Finance
Employee Status : Regular Employee
Job Type : Standard
Job Level : Individual Contributor
Shift : Day Job
Job Posting : Mar 29, 2021
Job Unposting : Ongoing
Schedule: : Full-time Regular
Req ID: 2104582