CISSP Jobs - Manager IT & Security Audit, 13703

at PenFed Credit Union
Location McLean, VA
Date Posted May 22, 2019
Category Default
Job Type Full-time


Manager IT & Security Audit


PenFed is hiring a Manager IT & Security Audit at our headquarters in McLean, Virginia. The audit manager serves as a critical team member in the Audit Services Department responsible for helping to accomplish the audit mission in accordance with the highest professional standards. The primary purpose of this job is to implement all aspects of the Information Technology (IT) assurance audit program for PenFed’s IT lines of business including such functions as information security, applications, IT Infrastructure, cyber security,  affiliated business activities and financial and risk management. This position is responsible for audit planning, performance and reporting, interacting with senior PenFed and affiliated entity officials, supervising assigned auditor staff, and serving as a functional expert on risk assessment and internal control in a banking environment. A keen business acumen, knowledge in the application of professional auditing standards, initiative and flexibility in handling multiple and often competing priorities, eagerness to learn new and complex financial institution programs and activities, and a supportive attitude toward other team members are key ingredients to success in this position. The incumbent will also serve on special projects as assigned.

Essential Functions

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.

Audit Planning and Performance

  • Maintain in-depth knowledge of the information technology and security control environment within the financial services industry and the statutory and regulatory requirements established by federal regulators related to financial institution operations in this environment.
  • Implement a comprehensive assurance audit program for complex banking operations, ensuring the effective accomplishment of internal audit goals and objectives established in support of PenFed’s mission and strategic initiatives.
  • Identify and evaluate significant exposures to risk and contribute to the improvement of risk management and control systems. Collaborate in designing solutions and building plans for correcting control weaknesses and deficiencies.
  • Managing and coaching staff as they perform assessments to evaluate controls, security, and execute audit procedures.
  • Demonstrates extensive project management skills related to IT audit projects, including developing project plans and deliverables schedules.
  • Conduct comprehensive audit surveys of entity-wide information technology and security programs and operations, including the assessment of risks and mitigating controls, leading to risk-based recommendations for audit coverage.
  • Lead/Perform detailed audits of entity-wide information technology program components including general controls and business process application controls, system development and operation, and compliance with regulatory requirements applicable to financial institutions.
  • Review the audit work performed following professional and Audit Services Department (ASD) standards with emphasis on the sufficiency and appropriateness of audit evidence.
  • Interact routinely with senior PenFed and affiliate officials, ensuring that the department is professionally represented and that audit responsibilities and positions are clearly and effectively presented. Keep the Managing Director of IT and Security Audits, Chief Audit Executive (CAE), and cognizant program officials fully and currently informed on audit activities, and help ensure that a “no surprises” communication environment is maintained.
  • Lead by example and with professional care in the management of assigned audit staff, ensuring that each staff member is highly motivated, soundly guided and directed, and provided opportunities for professional growth and development. Ensure each staff member is treated with fairness and respect, accomplishments are recognized, and developmental needs are addressed. Communicate regularly with the Managing Director of Assurance Services on staff performance, achievements, and developmental needs.

Audit Reporting

  • Review draft reports created by staff auditors and supports senior audit management in finalizing it. Reports must meet the highest professional standards.
  • Keep audit management advised of audit progress and results.
  • Assist operational and financial auditors with IT area of audits.

Liaison and Coordination

  • Serve as primary point of contact in maintaining effective liaison PenFed management officials, independent auditors and regulatory authorities
  • Professionally represent the internal audit department when interacting at all levels within and outside the institution

Education and Experience

Equivalent combination of education and experience is considered.

  • Bachelor’s Degree in Business Administration or Accounting or related field required.
  • Master’s Degree in Business Administration or Accounting is beneficial.
  • Minimum of eight (8) years of progressively responsible technical information technology audit experience. A related advanced degree can be substituted for experience.
  • Minimum of three (3) years of supervisory/management experience.
  • Current IT auditing certification, such as CISA, CISSP, CISM etc.
  • Effective communication and writing skills
  • Must display keen business acumen, knowledge in the application of professional auditing standards, initiative and flexibility in handling multiple and often competing priorities.

Supervisory Responsibility

This position will supervise employees.

Licenses and Certifications

CISA required, CISSP, CIA preferred required.

Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.


Ability to travel to various worksites and be on-call is required.

About Us

Established in 1935, PenFed today is one of the country’s strongest and most stable financial institutions with over 1.8 million members and over $25 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico, Okinawa, and Portugal. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day.

Our mission isn’t simply to help our members get by. We exist to help them realize every ounce of their potential. We exist to educate, and to encourage. We exist to usher their dreams into the land of reality.

We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.

Equal Employment Opportunity

PenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same.

PenFed will also reasonably accommodate qualified individuals with a disability so that they can apply for a job or perform the essential functions of a job unless doing so causes a direct threat to these individuals or others in the workplace and the threat cannot be eliminated by reasonable accommodation or if the accommodation creates an undue hardship to PenFed. Contact human resources (HR) with any questions or requests for accommodation at 571-495-7921.