CrawlJobs Logo

Senior Audit Project Manager - Information Security

usbank.com Logo

U.S. Bank National Association

Location Icon

Location:
United States , Charlotte

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

126820.00 - 149200.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

The Corporate Audit Services Senior Audit Project Manager (SAPM) is primarily responsible for leading staff in the completion of audit engagements with minimal supervision from managers, however there are no direct reports. The Senior Audit Project Manager is expected to monitor progress of audit engagements against plan and schedule, assess work performed by the audit engagement team, and provide coaching and on-the-job training for team members to ensure engagements are completed in conformance with internal audit policies and procedures.

Job Responsibility:

  • Lead staff in the completion of audit engagements with minimal supervision from managers
  • Monitor progress of audit engagements against plan and schedule
  • Assess work performed by the audit engagement team
  • Provide coaching and on-the-job training for team members to ensure engagements are completed in conformance with internal audit policies and procedures
  • Partners with leaders in their assigned Line of Business, Risk/Compliance/Audit (RCA) Consultants, and other RCA Managers to, depending on the function, oversee the successful creation, implementation, and maintenance of an effective risk management framework
  • Lead projects and/or activities that ensure compliance with applicable federal, state, and local laws and regulations
  • Facilitate the identification of gaps and drive solutions that minimize losses resulting from inadequate internal processes, systems, or human errors
  • Ensures the active identification, response and/or escalation of risks as appropriate
  • May influence policies and procedures to maximize profit potential and minimize regulatory exposure
  • Accountable for an effective partnership between the Line of Business and the Lines of Defense

Requirements:

  • Bachelor's degree, or equivalent work experience
  • Typically more than 10 years of applicable experience
  • Undergraduate degree in a Technology, Cybersecurity or Engineering related field of concentration or equivalent combination of training and experience
  • Professional certification (e.g., CISSP, CISM, CISA, CIA, AWS Cloud Practitioner, Microsoft Azure Administrator) or advanced degree (e.g., MS in Technology/Information Security, MBA) is a plus
  • Strong Project management and execution skills, including prioritizing tasks, balancing workload between multiple projects, anticipating next steps, adapting to changing situations and project scope
  • Agile/Continuous Deployment/Continuous Delivery/DevSecOps, Secure Software Development
  • API and Cloud Migration experience
  • Advanced data analytics and visualization acumen
  • Strong knowledge of IT Frameworks (e.g., COBIT, ITIL, NIST, FEDRAMP, PCI-DSS, AGILE, AWS Well Architected Framework etc.)
  • Technical knowledge of at least two of: API, Secure Cloud Architecture, Deployment models, Zero Trust, Network Segmentation, authentication/authorization protocols, or cryptography. Hands-on experience in at least one of the above
  • Critical thinking and intellectual curiosity
  • Written and verbal communications – ability to create clear, concise, and engaging messaging across multiple formats
  • Ability to work well under deadline pressure
What we offer:
  • Healthcare (medical, dental, vision)
  • Basic term and optional term life insurance
  • Short-term and long-term disability
  • Pregnancy disability and parental leave
  • 401(k) and employer-funded retirement plan
  • Paid vacation (from two to five weeks depending on salary grade and tenure)
  • Up to 11 paid holiday opportunities
  • Adoption assistance
  • Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

Additional Information:

Job Posted:
February 20, 2026

Expiration:
March 04, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
U.S. Bank National Association - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Audit Project Manager - Information Security

Information Security Identity & Access Management Analyst

The Info Sec Prof Senior Analyst is an intermediate level position responsible f...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-8 years of relevant Identity and Access Management experience
  • Applicable Certifications or willingness to earn within 12 months of joining
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Identify potential Identity and Access Management (IAM) risks and make recommendations for enhancement
  • Lead execution of IAM governance procedures, specifically focusing on non-worker identities and IAM resources
  • Collect and analyze security risk evidence and coordinate with internal and external compliance and auditing agencies / officials
  • Develop and operationalize key risk indicators for related IAM topics and governance procedures
  • Produce insights from data that are tailored to specific requirements and audiences
  • Execute meetings and communicate complex security topics and IAM standards and best practices with all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed
  • Drive technological projects with cross-functional teams that support the expansion of IAM governance
  • Provide IAM consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining, implementing, and governing IS standards to align procedures and practices in compliance with Citi standards
What we offer
What we offer
  • Best-in-class benefits
  • Global benefits
  • Equal opportunity employer
  • Fulltime
Read More
Arrow Right

Legal Third-Party Management and Information Security Risk Lead

As part of the Legal Outside Counsel, Third Party Management and Operations team...
Location
Location
United Kingdom , Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Ability to assess residual risk in complex vendor environments and make sound defensible recommendations
  • Experience applying risk-based frameworks to prioritize issues and mitigation efforts
  • Strong interpersonal skills for engaging legal, compliance, technology, procurement and senior risk stakeholders
  • Proficiency in creating clear and concise reports dashboards and governance experience
  • Leading or supporting cross functional projects, ability to support risk transformation initiatives, and integrate evolving legal tech and regulatory guidance into assessment methodologies
  • Bachelor’s degree or equivalent
Job Responsibility
Job Responsibility
  • Manage and oversee a set of complex initiatives that span multiple lines of business in the Cyber Security (CS), Information Security (IS) and Third-Party Risk Management (TPRM) space for Global Legal Solutions
  • Assess the risks and effectiveness of Third Party IS processes and controls based on enterprise requirements ensuring the IS risk is within tolerance
  • Evaluate the design and execution of the Legal IS Program, identifies potential enhancements and drives implementation of governance, methodologies and tools required for the effective oversight of Third-Party Management IS risk to continually strengthen the Program
  • Assist the day-to-day activities within the TPM Risk and Info Sec group
  • Monitor, track and control outcomes to resolve issues, conflicts, dependencies and critical path deliverables related to issues and gaps found in the TPISA process
  • Drive implementation of enterprise Third Party Management controls required to be assessed as part of the Managers Control Assessment, reviews results, and determines if remediation actions are appropriate
  • Document control design, testing methodology, and evidence for effectiveness reviews in compliance with Citi's Risk and Control Standards
  • Contribute to quarterly control certifications, issue management processes and audit engagements
What we offer
What we offer
  • Generous holiday allowance starting at 27 days plus bank holidays
  • increasing with tenure
  • A discretional annual performance related bonus
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Private medical insurance packages to suit your personal circumstances
  • Fulltime
Read More
Arrow Right

Senior Information System Security Officer

Come join our growing team and make a difference every day! AnaVation is seeking...
Location
Location
United States , Washington
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of six (6) years of hands-on experience in cybersecurity and expert knowledge of Governance Risk and Compliance
  • At least three (3) years supporting and maintaining system authorizations for complex systems
  • Demonstrated expertise in the Risk Management Framework (RMF), NIST SP 800-53 Rev 5, and related federal cybersecurity policies
  • Extensive experience managing ATO/ATT processes, security control assessments, POA&M lifecycle, vulnerability management, and audit response
  • Strong leadership experience mentoring junior and mid-level ISSOs and interfacing with senior government leadership
  • Must possess at least two of the following active certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Information Systems Security Management Professional (ISSMP), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), CompTIA Security+, Project Management Professional (PMP)
  • Proficiency in tools such as JCAM, Tenable Nessus, BigFix and Splunk
  • Ability to develop, review, and present high-level security documentation and briefings
  • Strong understanding of cloud platforms (IaaS, PaaS, SaaS), supply chain risk management, and incident response procedures
Job Responsibility
Job Responsibility
  • Support the maintenance of security documentation and support system ATO and ATT efforts
  • Conduct security control assessments and provide recommendations for remediation
  • Perform biweekly audit log and vulnerability scan reviews and track POA&M items
  • Collaborate with system owners and technical teams to manage risk and respond to incident
  • Support Ongoing Authorization (OA) and continuous monitoring activities
  • Prepare and brief senior leadership on system security posture and compliance metric
  • Ensure alignment with cybersecurity policies and NIST SP 800-53, 800-37, and 800-137
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Third-Party Security Risk Analyst

As a Senior Third-Party Security Risk Specialist at Ledger, you will play a vita...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master degree in Information Security, Cybersecurity, or a related field
  • 5+ years of progressive experience in third-party risk management, with a strong background in audit, risk management, compliance, or a related control function within a complex organization
  • Proven project management skills with the ability to manage complex, cross-functional projects and maintain comprehensive documentation
  • In-depth knowledge of security frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework) and experience in applying them to third-party risk management and regulatory requirements
  • Excellent analytical and problem-solving skills with a focus on identifying root causes and developing effective solutions
  • Strong communication and interpersonal skills, including the ability to influence and negotiate with vendors and stakeholders at all levels
Job Responsibility
Job Responsibility
  • Conduct comprehensive security assessments of third-party vendors, including reviewing their security policies, procedures, and controls
  • Proactively identify and evaluate potential security/privacy risks associated with a particular focus on those that could impact Ledger's reputation, financial stability, and customer trust
  • Develop and implement risk mitigation strategies to address identified vulnerabilities
  • Lead the collaboration with vendors to remediate security gaps and ensure compliance with Ledger's stringent security requirements
  • Establish and maintain a robust vendor security monitoring program, driving continuous improvement in vendor security posture and compliance
  • Develop, implement, and continuously improve Ledger's third-party security risk management program, including policies, standards, procedures, and tools
  • Prepare reports and presentations on vendor security risks and mitigation efforts to senior management, stakeholders, and the Comex
  • Participate in audits as part of the Privacy audit program according to the agreed annual audit plan
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in sa...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent professional experience)
  • Minimum 7 years of experience in information security, IT risk management, or cybersecurity compliance, preferably in a federal or state agency environment
  • Demonstrated experience applying and interpreting NIST 800-53, OWASP, and DISA STIGs in real-world projects
  • Strong hands-on technical background in networking, system administration, or software development
  • Proficiency with SIEM tools—especially Splunk—for event correlation, alerting, and compliance reporting
  • Familiarity with Agile development environments and DevSecOps principles
  • Strong written and verbal communication skills, with the ability to create reports and briefings for technical and non-technical stakeholders
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical controls throughout the system development lifecycle (SDLC)
  • Identify and assess emerging security risks, weaknesses, and vulnerabilities associated with infrastructure, applications, and operations
  • Collaborate with developers and engineers to ensure identified risks are mitigated and documented effectively
  • Ensure compliance with federal and industry security standards including NIST SP 800-53, OWASP Top 10, Common Criteria, DISA STIGs, and SANS Institute recommendations
  • Support and contribute to Authorization to Operate (ATO) packages, including preparation of SSPs, POA&Ms, and continuous monitoring (ConMon) artifacts
  • Advise on policy alignment and security architecture improvements to support secure Agile delivery
  • Apply technical knowledge of networking, system administration, and development to assess the security posture of enterprise environments
  • Utilize Splunk to perform audit log analysis, generate system alerts, and support threat hunting and incident response activities
  • Recommend and implement automated logging, monitoring, and security reporting processes
  • Engage proactively with Agile development teams, product owners, and ISSOs to embed security into project planning and delivery
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

IT Internal Audit Manager

This role offers a unique opportunity for an experienced IT Audit professional t...
Location
Location
United Kingdom , London
Salary
Salary:
70000.00 - 80000.00 GBP / Year
auditandriskrecruitment.com Logo
Audit & Risk Recruitment
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrated experience in IT audit, either internally or within a professional services environment
  • Strong understanding of IT risk management, IT controls, and information security principles
  • Experience auditing ERP systems (e.g., SAP, Dynamics AX/365) and cloud environments
  • Ability to work proficiently, managing multiple priorities and delivering to deadlines
  • Proficiency in stakeholder management, with the confidence to engage at senior levels
  • Strong analytical, problem-solving, and communication skills, able to translate technical risks into business-friendly language
  • Flexibility to travel within the UK and occasionally overseas as part of the audit plan
Job Responsibility
Job Responsibility
  • Leading the IT internal audit programme in line with group audit standards and methodologies
  • Providing independent assurance over a high-profile business merger and its associated system integrations
  • Delivering assurance on critical technology projects, including a new ERP implementation, cloud migrations, and security enhancements
  • Performing audits across IT security, data protection, change management, access controls, and business continuity/disaster recovery
  • Collaborating with financial auditors to assess IT controls within key business processes such as Purchase to Pay, Sales to Cash, and Inventory
  • Building strong relationships with IT and business leaders to influence and improve controls and risk management
  • Preparing and presenting clear, concise audit reports to senior stakeholders and leadership teams
  • Contributing to group-wide IT audit initiatives and knowledge sharing across the global network
  • Travelling to UK and occasional international sites to perform audits and enhance business engagement
What we offer
What we offer
  • discretionary bonus and benefits
  • Fulltime
Read More
Arrow Right

Information Security Risk Lead

The Information Security Risk Lead is responsible for driving efforts to support...
Location
Location
Thailand , Bangkok
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master’s/Bachelor’s/University degree or equivalent experience in Computer Science, Cyber Security, Computer/Information Engineering, Information Technology or a related discipline is preferred
  • One or more industry-recognized cybersecurity-related certifications such as CISSP, CISA, CISM, CRISC, ISO 27001
  • 6 - 10 years or above of relevant experience in Cyber Security Management / Cyber Security Operations / Technology Risk Management / Third-party Risk Management or IT Audit, preferably with experience gained from banking / finance services industry / consultancy / control compliance or legal disciplines
  • Experience in assessing cyber regulatory compliance from BOT, SEC etc.
  • Strong understanding of International Standards/Frameworks such as: NIST, ISO 27001series, COBIT, CIS, GDPR, DORA, etc.
  • Proficient in interpreting and applying policies, standards and procedures
  • Excellent project management and organizational skills (PMP, PRINCE2, etc. is a plus)
  • Strong consultation, reporting writing and communication skills with highly proficiency in both spoken and written English and Thai
  • Thai language fluency is a must.
Job Responsibility
Job Responsibility
  • Manage and validate deliverables of all Information Security (IS) programs, ensuring closure per agreed timelines and goals
  • Engagement with local regulators BOT, SEC, TB-CERT, Thai-CERT, MDES, NCSA, etc. on IS related matters
  • Manage regulatory exams and internal & external audits
  • Work closely with Global & Regional Information Security teams to improve processes and reduce risk, and support the IS regulatory related activities for Thailand
  • Manage internal/external resources to organize cyber-attack simulations exercise, coordinating and overseeing vulnerability, mitigation/remediation/correction action plans, and issues management process
  • Accountable for delivery of the associated remediation from regulatory assessments
  • Proficiency in preparing periodic updates / reports / presentation deck for both internal stakeholders and regulators
  • Provide timely and appropriate updates to regional and global stakeholders
  • escalate issues in a timely manner to senior management
  • Build and develop partnerships with business, IT, risk, compliance, IS, senior management staff and stakeholders
  • Fulltime
Read More
Arrow Right

Senior Application Security Architect

The Information Security Operations (ISO) Sr Manager is a senior management leve...
Location
Location
Mexico , Ciudad De Mexico
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6-10 years of relevant experience
  • Knowledge of Scripting and Programming Languages preferred
  • Demonstrated ability to interpret and apply information security policies, standards and procedures
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • English Advance Domain, fluently speaking and writing
  • Communication skills to explain security controls required for the solutions in a clear and concise manner to non-technology stakeholders
  • Project coordination, give track end to end to all the approval and presentation process
  • Correct comprehension technical and business requirements of the solutions to be explained in IS Global Committees
Job Responsibility
Job Responsibility
  • Support the implementation of Information Security (IS) Training Plan, by verifying training participants completed the training and understand IS requirements
  • Coordinate with cross-functional Operations and Technology (O&T) counterparts and teams to improve O&T risk oversight
  • Attend and participate in internal/external IS forums and risk committees when necessary and provide IS updates to the business
  • Ensure stakeholders are held accountable for IS controls, and understand responsibilities in risk mitigation and remediation
  • Improve processes, remove IS deficiencies and enhance current tools that reduce an overall risk profile
  • Ensure security practices and standards compliance to reduce the likelihood of audit, regulatory and legal liabilities and reduce security risks by enhancing controls and minimizing weaknesses in Citi’s applications portfolio
  • Ensure non-compliant items are addressed through coordination with Business Manager and business staff
  • Support the Global Information Security (GIS) policies, standards, and initiatives development and implementation
  • Provide guidance on IS aspects of projects in support of business initiatives
  • Establish communication channels with cross-sector ISOs to efficiently tackle security issues that span multiple businesses
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy