The objective of this position is to evaluate the adequacy and effectiveness of internal controls as they relate to the design and operation of computer-based information systems. The position will direct the execution of IT Compliance and SOX programs, ensure the operating effectiveness of controls support IT management. Audits cover areas such as information security, computer operations, application development, operating systems, databases, network access, change management, user administration and segregation of duties. The position also assists IT control owners with control design, standards and opportunities for efficiencies as it relates to Chubb's IT Compliance Program and SOX 404 requirements. The position will facilitate and manage audit plans, resource planning, risk assessments, and report preparations. The position will have direct contact with key external customers and respond independently to customer inquiries about the adequacy of our internal controls. This role will proactively identify control gaps in advance of auditors and facilitate the development and implementation of remediation actions based on practical solutions and sound risk management.
MAJOR DUTIES & RESPONSIBILITIES
* Support IT management in the representation of IT general controls, Chubb's security posture and privacy policies to key stakeholders. * Provide subject matter expertise and consultative support to the IT Community pertaining to control documentation, testing, audit standards and Sarbanes Oxley requirements. * Collaborate with IT units and auditors to validate and verify audit findings and/or deficiencies. Manage remediation plans to deliver corrective actions as planned; track all outstanding IT audit issues to resolution. * Clearly communicate IT control issues formally and informally to all levels of management. * Evaluate and recommend opportunities to maximize the efficiency and effectiveness of audit activities. * Represent Chubb IT on compliance related matters with business partners, regulators, and auditors. * Participates in other special projects as required, including information security initiatives, risk assessments, policy development and compliance with SOX 404. * Collaborate with IT compliance and IT management to enhance Chubb's control and security posture. * Identify opportunities to improve the effectiveness and efficiencies of compliance activities and IT key controls.
This position reports to the AVP of IT Compliance within Office of IT Operations.
Responsibilities require strong collaboration with the ability to influence and affect change, in support of key objectives, across IT leads, internal and external auditors, and senior business management. Location: Philadelphia or Whitehouse Station
* Skilled individual capable of negotiating with internal, external and state auditors on scope/depth of IT audits and audit findings * 3-5 years of IT Audit experience leveraging the COBIT framework * In-depth understanding of Sarbanes-Oxley section 404, and ISO standards * Knowledge of IT operating environments to include mainframe, Windows and UNIX * Strong results orientation * Customer service driven * Collaborative with the ability to influence without authority and have impact * Superior verbal and written communication and presentation skills, strong interpersonal skills and the ability to work independently * Demonstrates sense of urgency and a high-degree of initiative and professional judgment * Ability to travel between Whitehouse Station and Philadelphia office. Occasional travel up to 10%
* CISA, CISSP or CISM certification * Project management or auditing experience * BS in Computer Science, Information Systems, or related field