Position Summary:

The Internal Auditor performs detailed evaluation of  internal controls and audit reviews of  League’s product platform, technologies and operational processes. They identify risks, interpret the significance of audit findings, make recommendations for remediation and communicate audit results to management. They also provide support for audit programs including planning, scoping, execution and reporting of audits based on risks identified, under the supervision of the Manager of Internal audit.  

In this role you will:

• Design and execute cross-functional audit programs, operational process reviews, and review of system implementations, applications and other technology and process-related risk areas across League.
• Work with teams on the planning, scoping, execution, and reporting of audits based on identified risks related to various League’s business.
• Prepare audit reports to document audit scope, procedures, findings and recommendations.
• Interpret the significance of audit findings, conclude on findings and make practical recommendations for remediation.
• Drive process re-engineering efforts by challenging the status quo of current processes and work with internal and  external teams, to implement best practices to strengthen League’s internal control framework.
• Facilitate the integration of risk management into day-to-day business activities and processes.
• Evaluate, design and implement controls  that make processes efficient or utilize new technologies.
• Present findings to senior leadership and monitor findings to ensure that action plans have been implemented.
• Ensure compliance with applicable laws, regulations and industry best-practices.
• Ensure an independent and objective assurance which is designed to add value to League’s operations.
• Accomplish League’s objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Minimal Qualifications:

• Bachelor’s degree in accounting, information systems, computer science, engineering, math, security or other technical discipline is preferred.
• Minimum of 3 years experience with operational audits, technology, risk management, Compliance and Information Security, or project management.
• Relevant certifications (CIA, CPA, CISA, CISSP, CISM, CFE) are preferred.
• Demonstrated in-depth knowledge of industry practices, regulatory requirements and audit operations; such as knowledge of IPPF standards, internal control principles, risk analysis, privacy requirements (HIPAA, PIPEDA, GDPR) and frameworks such as COSO and/or COBIT, SOC 2,  NIST Cyber Security framework, ISO2700 series, HITRUST and FEDRAMP.
• Plan and execute  internal audits by gathering specific relevant background information.
• Thoroughly address all objectives and risks identified and conclude on operational effectiveness and efficiency, considering industry best practices.
• Prepare working papers and documentation supporting discussions, operational facts and results to justify audit conclusions.
• Communicate recommendations to management to gain understanding and agreement on audit issues and commitment to implement corrective action.
• Execute follow-up internal audits to evaluate management’s implementation of action plans.
• Broad and strong technical background with practical knowledge of a wide variety of technologies including cloud platforms such as Google Cloud, AWS or Azure, identity and management platforms, encryption and key management solutions.
• You should be comfortable interacting with business leaders and technical software development engineers.
• Team player with proven skills in influencing people.
• Detail oriented and strong investigative, risk analysis and problem solving competence.

Attributes / Characteristics:

• Ability to work independently with limited direction, and as a member of a hybrid/remote team.
• Solid analytical abilities to apply complex, ever-changing regulations and requirements in the business landscape.
• Good organizational skills with attention to detail to notice whenever operations are failing to adhere to strict standard.
• Skilled communicator to interact with highly technical software development engineers and business leaders.
• Consistently shares insights with the team and provides meaningful feedback.
• A fast learner who can quickly absorb the nuances and behaviors of League’s systems architecture.