TradeStation is an online brokerage firm seeking to level the playing field for self-directed investors and traders, empowering them to claim their individual financial edge. At TradeStation, we're continuously pushing the boundaries of what's possible, encouraging out-of-the-box thinking and relentless search for innovation. What We Are Looking For: The Internal Audit Manager – Information Systems ("IS") and Information Technology ("IT") Audits will be an individual contributor responsible for providing strong management, planning, and execution of all IS and IT audit activities for TradeStation and in maintaining a leading practice audit function. This will include the timely execution of controls testing for Japanese Sarbanes Oxley (JSOX) or U.S. SOX compliance, risk based IS and IT, and integrated IS and IT audits in accordance with the annual audit plan as approved by the Board of Directors ("the Board"), determining effectiveness of prudent business practices and compliance with applicable policies, procedures, laws, and regulations. The responsibilities will include end-to-end execution of IS and IT audits as well as supporting the Audit Directors for Finance, Operations and Regulatory audits in the integrated design of testing procedures, executing testing steps to evaluate the adequacy and effectiveness of the Information Systems and Information Technology and work with management to identify remediation plans for any internal control deficiencies or weaknesses identified. The Manager will also assist with other audit matters and perform initiatives at the direction of the Chief Audit Executive. What You'll Be Doing: Planning and execution of the multi-location Audit Plan for IS and IT based on an assessment of company goals and objectives and the significant risks that could compromise the achievement of those objectives Plan and execute the annual IS and IT audit plan based on business objectives and significant risks for areas under review and test key internal controls for design and operating effectiveness Conduct the annual and periodic risk assessments of all auditable IS and IT units, IT infrastructure and architecture, processes, systems, and applications incorporating input from business leadership, managing the resulting corporate-wide IS and IT audit plan, and ensuring on-time delivery of quality audit results Maintain alignment between the Company's goals and strategies and the IS and IT audit activities of the Internal Audit Department Conduct the annual testing and internal control assessments of IT General Controls and IT Application Controls as required for JSOX compliance Manage the completion of all phases of the audit process for IS and IT audits and special projects Conduct interviews, gather information, document or update system matrixes and process and data flows highlighting significant risks and key internal controls Work on multiple projects simultaneously and take initiative to manage priorities and meet deadlines Use technical, business, and problem-solving skills to provide in-depth audit, advisory, and consulting services for IS and IT projects, focusing on business process risks and internal controls Perform research and attend virtual and live training to maintain and enhance knowledge necessary to effectively support IS and IT areas of the Internal Audit Department and the business Promptly inform the Directors and the Chief Audit Executives of internal control concerns, audit progress, significant and material findings, and problems encountered Build strong relationships with key stakeholders, Senior Management, and other key leaders. Support the Chief Audit Executive in managing relationships with the Board. Serve as a trusted advisor to management Regularly meet with key business leaders in assigned IS and IT units to stay informed of organizational, processes and technology changes, new revenue lines, and resultant emerging risks Engage in management requested and/or consulting projects and provide advisory services to management on process redesign, major system initiatives, internal control frameworks, and best practices Partner effectively with the second lines of defense in the enterprise risk management processes and provide practical approaches to evaluating and improving organizational governance processes and internal controls Perform research and conduct training to reinforce internal controls awareness necessary to assist management in their efforts for preventing internal control breakdowns Clearly articulate the role and value of the Internal Audit function, underscoring independence, and objectivity Participate in special projects, investigations, due diligence activities, and assess post implementations internal controls of new products and systems Provide fair, factual, and balanced insights into current, emerging, and potential issues, trends, and opportunities that will enhance the efficiency and effectiveness of internal controls Consult constantly with the Company's external auditors and provide assistance as needed The Soft Skills You Bring: Ability to naturally influence IT executives and to function as a business partner Ability to manage multiple, changing, and competing priorities in a fast-paced, interactive, results-based team environment Able to communicate effectively, both orally and written, with professionalism and possess strong presentation skills for audiences at all levels of management Ability to balance diplomacy with assertiveness and hold difficult or sensitive discussions with confidence, while gaining and/or maintaining the trust of others Articulate and composed when delivering difficult messages to clients Capability to think both strategically and tactically about the Internal Audit function, its mission, and resources High level of technical and analytical capabilities, skilled at decision-making under uncertainty, combined with a commonsense approach Strong work ethic, initiative, teamwork, and flexibility to assist department in meeting organizational goals Adhere to the highest degree of professional standards and strict confidentiality The Technical Skills You Bring: Strong knowledge, expertise, and experience in the International and Global Standards for the Professional Practice of Internal Auditing Expertise and experience in performing JSOX or SOX Information Technology General Control (ITGC) testing such as access controls, change management, information security, and IT operations Expertise and experience related to Information Technology Application Controls (ITAC) Utilize various methodologies and frameworks including, pertinent ISO standards, COBIT, COSO, ITIL, and NIST Audit programs such as Privacy, Cybersecurity, and Compliance and assess the organization's ability to conform Prepare high quality, accurate and complete IS and IT control documentation as well as documentation support for operational and financial audits Experience in documenting process and data flows and diagrams utilizing tools such as Visio Experience in auditing practices for programming, networking, databases, and security Knowledge of operating systems, database management systems, system development life cycle, and/or project management practices Knowledge of MS SQL RDMS, Windows OS, Firewalls, Routers, TCP/IP, VPN, LANS, AWS, and WANS. Knowledge of Cloud based environment and DevOps methodology Knowledge of management, financial, and business information systems terminology, concepts, and practices Knowledge of current and relevant industry trends as it pertains to information systems and information technology Minimum Qualifications: 4-year college degree in Information Systems or other relevant major 4+ years' experience in the financial services or technology sector 4+ years in public accounting (Big 4) or directly related equivalent A minimum of 4 years' experience in an Audit role Demonstrated ability to provide exemplary leadership within an Audit organization Solid knowledge of IS and IT Auditing/SOX concepts and practices Experience managing own project portfolio end-to-end including creating work plans, auditing processes, and writing reports Knowledge on ISA (International Standards on Auditing) Certified Information Systems Auditor ("CISA"). Certified Information Systems Security Professional ("CISSP") or Certified Information Security manager ("CISM") Additional Desired Qualifications: Experience across various IT domains such as cybersecurity, infrastructure, IT operations, and Cloud Certified Public Accountant Knowledge of US GAPP Knowledge on IFRS Certified Internal Auditor What We Offer: Collaborative work environment Competitive Salaries Yearly bonus Comprehensive benefits for you and your family starting Day One Unlimited Paid Time Off Flexible working environment TradeStation Account employee benefits, as well as full access to trading education materials #LI-Remote
