Information Systems Internal Audit Manager

Information Systems Internal Audit Manager

Website Federal Home Loan Bank of Boston

The Federal Home Loan Bank of Boston is a leading provider of wholesale funding for housing and community finance in New England serving more than 420 financial institutions across the region. The Federal Home Loan Bank of Boston is committed to making New England a better place to live and do business, and our employees are integral to our success. As a cooperative, we are owned by more than 420 banks, credit unions, insurance companies, and community development financial institutions that access tens of billions of dollars of our reliable, wholesale funding each year. Our funds are a vital resource that helps our members succeed, provide families with safe, decent affordable housing, and generate economic development that creates jobs in communities throughout our region.

Our highly skilled team of 200 is diverse, innovative, collaborative, and passionate about the work we do. We seek other professionals excited to share their knowledge, talent, and passion for our mission to join our team. We offer opportunities for career development, robust benefits, and a work-life balance.

Position Summary

This new role will support the VP/Senior Audit Manager Information Systems in developing and executing the IT Internal Audit plan.  For the IT internal audit function, this role will assist in the annual risk assessment and corresponding planning process, supervise the pre- and post-implementation project audits, complete SOX Information Technology General Controls (ITGC) testing and cycle audits as needed, and serve as the point of contact for co-sourcing arrangements, perform testing as well as manage the preparation of the internal audit reports. The incumbent will establish productive business relationships with Bank Technology’s management team and communicate with them regarding audit results and significant control matters. For effectiveness in this role, the incumbent must maintain expertise in the technology used at the Bank and keep apprised of related vulnerabilities and breaches.

This is not a checklist audit role. Pre- and post-implementation project audits requires both technical expertise and a solid audit foundation. The audits are anticipated to require creativity and agility.

This role will manage the performance and development of one Senior IT/IS Auditor. Prior people management and audit leadership skills are required for success in this role.

This role will have a hybrid work schedule in our Boston office in accordance with the Bank’s Hybrid Work Program. More time will be encouraged in the office to support onboarding initially.

Specific Responsibilities

·         Interface directly with IT management, Enterprise Risk Management and Compliance to provide audit results and ensure compliance with regulatory requirements, company policies and procedures and industry best practices.

·         Supervise and conduct pre- and post-implementation audits. This position will have one direct report.

·         Assist in the annual risk assessment and corresponding audit planning process.

·         Complete internal audit testing, inquiry, observation and other analysis required to meet objectives of assigned audit projects and assess compliance with Internal Audit (IA) and industry (including IIA and CISA) standards.

·         Develop working papers documenting performance of all audit work.

·         Manage audits with timely completion and communicate progress and results of audit work throughout the audit engagement to auditee and AVP/Senior Audit Manager Information Systems.

·         Provide control consulting services to management to assist in efforts to mitigate risks and improve controls.

·         Follow-up with BT management on Bank incidents and potential breaches to determine root cause and make recommendations for control changes and audit plan changes if appropriate.

·         Maintain an in-depth understanding of the IT business processes and the underlying technologies of the Bank’s security and network infrastructure. Keep apprised of related vulnerabilities and breaches that are reported in the media and assess and communicate to AVP/Senior Audit Manager Information Systems any concerns as they relate the Bank Technology.

·         Promote new ideas and new ways of designing and executing IT audits through technology and data analytics. Enhance IT audit team access to information to facilitate audit testing and analysis.

·         Develop and manage department standards, tools, and procedures.

·         Execute special assignments and other duties as assigned at the direction of the Chief Audit Officer as well as AVP/Senior Audit Manager Information Systems.



·         A degree in Computer Science, Information Systems, Business Administration, a related field or the equivalent work experience and a CISA is expected. A relevant Master’s degree or work towards an advanced degree is preferred.



·         Minimum of 7 years of progressively responsible experience in IT audit or a technology role is strongly preferred. Experience in project implementation or pre-implementation audit reviews preferred. Experience within a highly regulated environment is strongly preferred.



·         Prior experience managing performance and development of direct reports is expected. Must be able to provide leadership and guidance to internal and co-source resources.

·         Knowledge of IT Frameworks: COBIT, COSO, NIST-800-53, ISO 27001, ISO 22301.

·         Demonstrated knowledge base related to controlling and securing system platforms (including Linux and Windows), database platforms (Oracle and SQL Server), endpoint platforms, and network infrastructures is strongly preferred. Working knowledge of banking/financial services industry technology infrastructure preferred. Ability to quickly acquire and apply knowledge of changing technologies is essential.

·         Sound understanding of audit process, risk-based audit methodology, risk management and advisory services.

·         Able to adapt to a changing environment, meet deadlines, and handle multiple projects.

·         Experience in using a risk-based audit approach in evaluations of and recommendations for management processes.

·         Ability to analyze technology infrastructure, operations processes and internal controls to formulate cost-effective measures to improve control effectiveness and efficiency.

·         Able to present audit findings and recommendations in a manner that will be understood and accepted by all responsible parties.

·         Excellent communication, interpersonal, time management, and issue resolution skills.

·         Able to work effectively under pressure, either independently or as a member of a team.

·         Able to operate PC-based software and/or automated database systems required. Demonstrated experience using Microsoft products and TeamMate desired.

·         Able to perform assigned tasks in agreed time frame.

·         Strong organizational skills and attention to detail.


The Federal Home Loan Bank of Boston is committed to building and sustaining a diverse workforce that reflects the communities that we serve. As an Equal Opportunity Employer, we strongly encourage applicants from every ethnicity, color, religion, gender, age, national origin, disability, veteran or parental status and sexual orientation.

Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.

To apply for this job email your details to