Mgr II- IT Compliance Audit

BAE Systems • Fort Walton Beach, Florida, United States • 3w ago

BAE Systems, Inc. is looking to hire an experienced Internal & External Audit Manager with IT audit qualifications to join our team. The successful candidate will be joining a dynamic group of IT audit professionals, tracking audit recommendations, and driving improvements in control and governance processes. This role will develop, execute, enhance, and collaborate on internal and external IT audit initiatives within the organization. The Internal & External IT Audit Manager is a key individual whose responsibilities directly contribute to maintaining a strong, compliant cyber security posture within BAE Systems Inc.

The Internal & External Audit Manager will:

Lead facilitation of IT external and internal audits.
Lead internal cybersecurity information technology reviews designed to directly support corporate-wide Cyber Security compliance initiatives in collaboration with other Cyber Security Domain & Solution Architects.
Examine internal IT controls, evaluate the design and operational effectiveness, and determine exposure to risk.
Collaborate with IT System owners on cybersecurity control effectiveness.
Coordinate entry/exit conferences and interviews, facilitating data/information requests, assessing audit conclusions/reports for accuracy and completeness, assisting management with review and response to audit findings and providing status updates to senior management.
Manages and coordinates with auditors and teams engaged in strategic, financial, operational, compliance and information systems audits. Plan, assign and supervise the daily activity and project progress.
Facilitate audit preparation review to increase awareness and knowledge of compliance requirements and identifying ways to streamline or improve the control environment without increasing overall risk.
Communicate complex technical issues in simplified terms to the relevant teams and stakeholders.
Assist with providing guidance to remediate identified security and control risks.
Ensures the accumulation of the audit results, conclusions, and recommendations are appropriately incorporated are communicated to stakeholders, including executives.
Ensures recommendations are clearly presented to and agreed upon by management.
Partners and collaborates with other compliance organizations within the company including Sector Assurance, OCSO, OCISO, Compliance, etc.
Hires, Manages, trains and develops subordinates.
Define common workflows, automations, templates, inheritable cyber services and execution value streams that enable sustainable compliance across the enterprise.
Define strategic cyber roadmaps with a focus on innovation and continuous improvement.
Evaluate the latest industry trends in cyber security and bring those into the enterprise as applicable.
Lead a small team of experienced cybersecurity professionals.
Identify systemic issues and opportunities for leadership and system owner action to improve effectiveness of control activities.
Serve as a trusted advisor to both senior executives and IT systems owners on topics related to cybersecurity controls and assurance.
Effectively manage auditor relationships.
Requires the ability to drive cultural change through positive leadership, communication, and subject matter expertise.

At least 10 years of experience in information technology auditing, combined audit/IT audit, or relevant information security or information technology roles.
Well-rounded IT audit experience
Strong attention to detail with an analytical mind on IT processes and outstanding problem-solving skills.
Experience with continuous process improvement, innovative governance, risk and compliance solutions.
Solid understanding of information security frameworks and IT audit methodologies.
Proficient with a broad knowledge of IT operations and technologies such as Network Infrastructure technologies (WAN/MAN/LAN), Cybersecurity, Active Directory, Backup & Recovery, Data Center, Operating Systems, Virtualization Services, SDLC and Change Management.
IT application experience (SAP, Oracle, PeopleSoft and Costpoint).
5 years of audit project management experience.
Data Analysis experience
Excellent verbal and written communication skills; interpersonal and presentation skills
Proven management and organizational skills
Ability to train, develop, and motivate team members.
Demonstrated leadership in professional setting.
Demonstrated teamwork and collaboration in a professional setting.
Understanding of industry standards including ISO27001, ISO 20K, NIST 800-53, 800-171

referred Certifications:

Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certificate of Cloud Security Knowledge (CCSK)
Certified Internal Auditor (CIA)

About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it’s what we do at BAE Systems. Working here means using your passion and ingenuity where it counts – defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team—making a big impact on a global scale. At BAE Systems, you’ll find a rewarding career that truly makes a difference.

Our Commitment to Diversity, Equity, and Inclusion:
At BAE Systems, we work hard every day to nurture an inclusive culture where employees are valued and feel like they belong. We are conscious of the need for all employees to see themselves reflected at every level of the company and know that in order to unlock the full potential of our workforce, everyone must feel confident being their best, most sincere self and be equipped to thrive. We provide impactful professional development experiences to our employees and invest in social impact partnerships to uplift communities and drive purposeful change. Here you will find significant opportunities to do meaningful work in an environment intentionally designed to be one where you will learn, grow and belong.

Benefits Information
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.

Intern Benefits: Temporary employees generally are not eligible for BAE Systems benefits, but can elect to participate in the 401(k) savings plan. Temporary employees working 20+ hours per week are eligible for medical benefits, the employee assistance program, and business travel accident insurance.

Please note: Some benefits may be different for union employees that are governed by a collective bargaining agreement (CBA) or for positions covered by a wage law called the McNamara-O’Hara Service Contract Act (SCA).