Associate Director - Internal Audit

The Team:

The S&P Global Internal Audit function reports functionally to the S&P Global Audit Committee and administratively to the S&P Global President and CEO. Join our dynamic Internal Audit Team at S&P Global as a seasoned IT Audit and a Cyber Security leader with keen interest in emerging technologies. As an Associate Director, you will lead and manage the Application Technology Audit professionals with an accountability for Divisional IT infrastructure, Divisional IT applications/Cloud, Cyber security, and provide independent and objective assessment on the audit delivery for the Company. In this critical role, you will be responsible for developing risk assessments, leading the execution of technology audits, managing key stakeholder relationships, and team leadership.

The Impact:

The Associate Director, Divisional Technology, will lead and oversee technology-focused audits across the division, ensuring compliance with internal policies and regulations. Your expertise will enhance the Internal Audit value proposition by harnessing technologies and tools to improve audit quality and providing leadership on audit coverage for cutting edge technologies like Generative A.I., Large Language Models, and Cloud.

The role reports directly to the Senior Director, Divisional Technology.

Whats in it for you:

This role offers exceptional learning opportunities and engagement with senior management across the company. You will collaborate with key stakeholders on meaningful projects, fostering daily professional growth. By leveraging cutting-edge digital capabilities, including AI and data analytics, you'll enhance audit activities. Your primary responsibilities will include developing S&P Global's annual audit plan and executing internal audits (planning, fieldwork, and reporting). You'll also conduct ongoing risk assessments focused on Applications, Information, and Cyber Security risks globally, while working independently and effectively with the Audit Leadership team.

Primary Duties and Responsibilities

• Lead the IT Audit team, providing complete risk-based audit coverage for Divisional IT infrastructure, Cloud computing, Cyber security, and IT applications for all S&P Global Divisions.
• Actively lead including performing execution of technology audits coverage for corporate and divisional technology environments.
• Conduct continuous risk assessment to maintain the technology auditable entities and ensure adequate risk coverage.
• Draft audit reports and collaborate closely with the Audit team to finalize reports prior to official release.
• Develop audit coverage for new and emerging technologies, such as artificial intelligence and applying leading edge audit techniques.
• Partner closely with the Audit Leadership team on developing key relationships with the technology and business stakeholders.
• Manage key relationships with the Technology organization and represent Internal Audit in key forums.
• Actively engage and contribute to developing the Data Analytics community.
• Manage a team of technology auditors with an influencing role with the broader technology Audit community.
• Be engaged in emerging trends, and network at key technology forums in the industry.

Requirements

• Bachelors degree in information technology, Computer Science, or a related field; Masters degree or relevant certifications (CISA, CIA, or equivalent) preferred.
• Minimum of 10 years of experience in IT auditing, or technology risk management, with at least 3 years in managerial role.
• Strong knowledge of IT governance frameworks (e.g., COBIT, ITIL), risk management practices, and regulatory requirements.
• Proven ability to lead audits and manage multiple projects simultaneously in a fast-paced environment, with a focus on meeting deadlines and delivering high-quality results.
• Exposure to key tools and techniques such as Tableau, Python or SQL.
• Understanding of new and emerging technologies, cloud computing & tools.
• Outstanding verbal and written communication skills, capable of presenting findings and recommendations to senior management and stakeholders.
• Strong leadership and team management skills, with experience in mentoring and developing audit team members.

Preferred Qualifications

• Certified Information Systems Auditor (CISA), or Certified Information Systems Security Professional CISSP, CEH, Red Team, or Equivalent.