--

What will your typical day look like?

As Manager, Internal Audit, you will manage a diverse team of talented consultants and senior consultants, coaching them to their highest potential while they deliver a variety of internal audit and internal control certification needs. You will oversee all phases of the internal audit delivery process (planning, execution & reporting). This includes drafting proposals and participating in business development efforts to build and generate internal audit and control certification business while interacting with a network of seasoned internal audit practitioners within our client organizations (e.g., Chief Audit Executives, Audit Committees etc.). You will be responsible for providing strategic advice and guidance on matters of risk management, internal control, governance etc. While analyzing and diagnosing client business issues to develop and recommend creative solutions you will employ a structured approach to project management to ensure complete client satisfaction and project profitability. Using your business savviness and communication skills you will build trust and credibility impactful relationships with your clients.

Job Duties include:

• Lead and execute IT internal audit projects for clients covering core, emerging and advanced IT risk areas including Information Technology General Control (ITGC) testing as part of SOX and NI52-109 certification programs.

• Conduct comprehensive assessments of the management, operational, and technical security controls of information systems.

• Lead and deliver IT Risk Assessments as well as IT Governance, Cloud, Cyber, Project and IT Operational audits.

• Ability to understand vulnerabilities in systems and propose effective countermeasures.

• Prepare and present detailed security assessment reports to management.

• Advise on the development and implementation of security policies and procedures

• Provide value-added and relevant analyses of an organization's internal control structure, performance, productivity, and efficiency;

• Assess the governance, risks and controls of client environments

• Understand and clearly articulate observations and recommendations

• Support client remediation activities

• Assist with the management, development and growth of the practice

• Maintain up-to-date knowledge of risk frameworks, information security frameworks, industry trends, information security, risk, and compliance trends

• Work in a collaborative team analyzing client issues and interviewing key personnel;

About the team

Our Deloitte Risk Advisory team helps our clients better manage strategic and operational risks. Our professionals help organizations enhance the effectiveness, quality, and value received from their governance, risk management, and internal control processes. Our broad understanding of risks and controls and related areas of operational improvement, combined with our specific industry sector and market knowledge and subject-matter specialists, help our clients confirm that their processes and controls are designed appropriately, and are operating effectively and efficiently to bring the greatest possible value to the organizations. Our Deloitte Internal Audit practice is a world-class internal audit service provided. We bring high impact outcomes to our clients and generate the insight management and Board’s need to navigate today’s complex business environment. We are trusted, respected and sought after!

Enough about us, let’s talk about you

You are someone with:

• 4 - 8 years of combined relevant experience in IT auditing, risk management, information security, and ISO 27001 reviews and readiness assessments;

• Experience in advanced and emerging IT risk areas: Security and risk management, asset security, security architecture, communication and network security, identity and access management, security assessment and testing, security operations, software development security, and cloud security.

• Advanced knowledge and direct experience with technology frameworks/standards such as ITSG-33, NIST CSF, ISO 27001, ITIL, COBIT, SOC2, PCI, GDPR etc.

• Professional designation or willingness to obtain one is preferred (e.g., CISA, CISSP, CISM, CIA)

• University degree in a computer science, management information systems, or business management discipline.

• Excellent interpersonal relations and demonstrated ability to effectively work with others in teams

• A strong IT background is preferred

• A Big 4 or other firm experience is an asset

• Holds a government of Canada clearance or ability to obtain clearance.

Total Rewards

The salary range for this position is $77,000 - $149,000, and individuals may be eligible to participate in our bonus program. Deloitte is fair and competitive when it comes to the salaries of our people. We regularly benchmark across a variety of positions, industries, sectors, targets, and levels. Our approach is grounded on recognizing people's unique strengths and contributions and rewarding the value that they deliver.

Our Total Rewards Package extends well beyond traditional compensation and benefit programs and is designed to recognize employee contributions, encourage personal wellness, and support firm growth.  Along with a competitive base salary and variable pay opportunities, we offer a wide array of initiatives that differentiate us as a people-first organization. Some representative examples include: $4,000 per year for mental health support benefits, a $1,300 flexible benefit spending account, 38+ days off (including 10 firm-wide closures known as "Deloitte Days"), flexible work arrangements and a hybrid work structure.