About the Internal Audit Group at American Express
Our Internal Audit Group is a worldwide function with 300+ team members and offices across nine countries within American Express. Our mission is to protect and enhance organizational value by providing independent, objective, risk-based assurance, advisory services and to influence the way the company manages risk.
We are committed to growing our audit staff significantly as we continue to expand and enhance the Internal Audit Group. Our assurance and risk professionals have diverse backgrounds including internal controls, consumer compliance, technology, operational risk, financial accounting, data analytics, and banking operations. Our audit teams align to key risk areas and business units to ensure IAG can provide comprehensive and risk-based audit coverage. In addition, IAG has a Professional Practices group responsible for managing audit operations, quality, and standards; regulatory relations; reporting; training and professional development; and key internal capabilities and technologies.
About the Role:
Our Internal Audit group is seeking an eager Senior Technology Auditor in Gurgaon. The Senior Technology Auditor role will audit technology risk and governance controls integrated into first-line and second-line business processes. The ideal candidate will have strong problem- solving skills, excellent attention to detail, and the ability to communicate audit results effectively.
Key Responsibilities:
Participate as a key team member on audit projects, independently owning audit tasks such as documenting processes under review, developing workpapers, and executing audit tests in accordance with policies and procedures
Assist Senior Managers / Managers in the execution of assigned audit tasks in line with American Express' Internal Audit procedures, internal policies and standards, and regulatory expectations throughout the audit lifecycle with guidance; maintain audit proficiency through ongoing professional development, including data analytics literacy skills, technology, and banking best practices
Review prior audit results and relevant business monitoring materials to support Audit Planning activities; executes and actively participates in walkthroughs by asking thoughtful questions, leveraging effective challenge and critical thinking
Execute audit tests (e.g., process, governance, oversight testing) and clearly document test results in accordance with internal policies and procedures to evaluate the control design and effectiveness; draft work papers, demonstrating the ability to use automated work papers and other department and company tools
Identify and escalate issues as appropriate throughout testing and audit execution; draft audit issue documentation
Develop an understanding of American Express' business model, products, services, and organizational units
Document and evaluate audit observations and findings; support routine client status meetings, audit request, and other administrative tasks
Understand how corrective actions / Management Action Plans (MAPs) are impactful and sustainable; execute validation of MAPs
Communicate task status, roadblocks, challenges, and potential solutions to Senior Managers/Managers and leadership as appropriate
Demonstrate ability to work proactively and take initiative on next steps
Provide guidance to staff auditors and review and provide feedback on work as appropriate
Understand how to draft test steps, audit findings, and the audit report and drafts as needed with guidance
Participate as a team member on IT audits, developing knowledge and understanding of technology structures, technology related business processes, IT general controls, and cyber-risk considerations / applications
Minimum Qualifications
3+ years of audit experience
Prior experience working at a Big Four / G-SIB
Bachelors/Masters degree or equivalent in Information Systems, Computer Science, Accounting, Finance, Business, or related field
Demonstrates strong written and verbal communication skills to deliver deliverables with quality
Works independently, within the team and across various teams in a fast-paced environment to drive business results, employing creative thinking, and the ability to work on competing priorities
Learns how to break-down problems into components, and solve using data analysis, process, risk control knowledge, and experience to drive risk-based conclusions and decisions
Develops knowledge and experience in applying control theory and professional auditing practices throughout the audit lifecycle
Develops understanding of regulations, regulatory risks, accounting, and financial industry best practices, including technology and data implications
Experience with technology control testing including cybersecurity, automated processing, interface inputs, reports, application security, business continuity and third parties
Preferred Qualifications:
Experience with data analytic tools, data visualization, key risk indicators (KRIs), key performance indicators (KPIs), information systems / technology, and scorecards / dashboards, etc.
Interest in working with data, interpreting results, analytic best practices and experience with data analytics tools and data visualization
Professional certification: CISA, CPA, CIA, CISM, CDMP, CISSP or other technology-focused certification