• Interface with management to develop an understanding of key business objectives and associated risk, Identify and develop meaningful analyses to effectively evaluate processes and efficiencies across multiple operating companies.• Communicate results of analyses to all levels of management and Partner with management to develop appropriate solutions for opportunities identified.• Participate in several walkthrough meetings with different stakeholders.• Assist with Gap analyses and implementation efforts in compliance frameworks and certification programs including SOC 1 and SOC 2.• Work with Control and Process owners to ensure the timely execution of audit requests and monitor remediation efforts to ensure timely resolution, and tracking using the GRC platform.• Prepare reports of audit status, audit findings, and remediation plans using the GRC platform by collecting, analyzing, and summarizing information.• Participate in the planning, fieldwork, reporting and follow up phases of the internal audit activity to evaluate the internal control processes.• Responsible for executing audit engagements regarding information systems, management procedures, and security controls as they relate to effectiveness and compliance with bank policies, regulations, and best standards

• Provided ongoing training, guidance, support and IT control and compliance status reporting to the company to build awareness of and promote a progressive and sustainable compliance culture.• Designed, implemented, and oversaw the execution of the IT controls program including periodic control testing of design and operation effectiveness sufficient to meet regulatory requirements and to the satisfaction of internal/external auditors.• Implemented and maintained IT controls catalog and related documentation sufficient to ensure compliance with regulatory requirements and internal policies and procedures.• Verified user and system security configurations for compliance with internal and external requirements; Collected and maintained appropriate evidence and supporting documentation.• Built and maintained effective working relationships and liaise with ITS and business unit control owners to collect, report, and retain compliance documentation.• Identified control gaps and potential remediation steps; led and assisted process re-design and coordination of remediation efforts.• Collaborated with ITS and business unit resources on implementing IT controls that achieve risk and control objectives while striking a balance between costs vs. benefits.• Conducted gap analysis of existing IT infrastructure to identify potential security risks.• Identified and reported on IT control program status and metrics; Assist with Audit Committee and Board reporting.• Documented and maintained risk-based compliance policies and procedures; Developed and maintained IT controls-related content for the Information Security & Compliance intranet site.• Identified areas of improvement within existing processes and developed solutions to address them.

• Conducted audits on information technology (IT), operating system (OS) platforms, and operating procedures following established standards for efficiency, accuracy, security, and risk mitigation• Evaluated IT infrastructure in terms of risks to the organization and established controls to mitigate loss• Determined and recommended improvements to enterprise risk management controls• Supervised engagements by planning audits, reviewing work papers, supervising early career auditors, and preparing audit reports• Implemented process improvements to year-end SOX testing, resulting in efficiencies in review time and yearend financial reporting• Identified outdated process controls and implemented corporate policy/procedures statements to reflect industry best practices• Managed project status: facilitated audit status meetings to communicate findings, issues, and areas for improvement to client management, executive, and Corporate Internal Audit leadership• Created final audit reports, and oversaw the implementation of corrective action plans, while maintaining communication with all levels of management• Addresses reported risk events, and potential risk areas, and ensure these are appropriately mitigated, and the mitigation and//or remediation plans are adequate and stored in the appropriate repository• Prepared draft reports for review by department management• Performs annual risk assessment and control assurance activity for existing vendor relationships as per policy• Guides business (vendor) relationship managers on risks and controls gaps and documents result according to Supplier Oversight Policy and Procedures