Sorry, this job is no longer available.

Lead Auditor - IT and Vendor Programs

At Northwestern Mutual, we believe relationships are built on trust. That our lives and our work matter. These beliefs launched our company nearly 160 years ago. Today, they're just a few of the reasons why people choose to build careers at Northwestern Mutual.

We're strong and growing. In a company with such a long and storied history, this may be the most exciting and important time to be a part of Northwestern Mutual. We're strong, innovative and growing.

We invest in our people. We provide opportunities for employees to grow themselves, their career and in turn, our business.

We care.  We make a positive difference in our communities. Nationally, thousands have benefitted from our support of research and programs to fight childhood cancer. Each year, our Foundation, employees and financial representatives donate time, talent and financial support to causes they're passionate about.

This job is not covered by the existing Collective Bargaining Agreement and the incumbent is not allowed to be a member of the Union.


We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.


What's the role?


The Lead Auditor – IT and Vendor Programs will lead the Enterprise Risk Assurance department’s audits of third party vendors as part of Northwestern Mutual’s third-party risk framework. This role serves as the technical expert regarding information technology assessments and audits of vendors, and is responsible for assessing vendor risks including understanding enterprise vendors’ technical infrastructure, level of information that they maintain on behalf of the company, and business processes outsourced to the vendor. This role serves as a resource for the Enterprise Risk Assurance (internal audit) department to assure vendors are properly safeguarding company and client information.


Principle Accountabilities:


  • Create and maintain the department’s audit plan for vendors, manage the vendor review budget, and coordinate with other departments to create the plan
  • Consult on enterprise wide improvements to the third-party risk management framework by participating on teams and committees
  • Coordinate and lead assessments of vendors to assure appropriate risk coverage and consistency of execution of reviews across teams.  Review testing performed by staff and finalize issues and reports.
  • Lead and perform audits of cloud services providers and their implementations at Northwestern Mutual.
  • Develop and maintain strong relationships with business partners to assure key communication needs are addressed and expectations are managed while maintaining professional standards. 
  • Lead communication regarding the final report with business partners with limited guidance from department leadership by articulating risks identified, recommending solutions, and effectively influencing changes and negotiating with business partners.
  • Provide mentoring, training, and feedback to staff in area of expertise, audit technical matters, and for personal development.


Bring your best! What the role needs:


Minimum Requirements:

  • Minimum of an undergraduate degree relevant to core area (MIS, Risk Management, Business, etc.). 
  • Willingness to challenge the status quo and possesses a commitment to continuous improvement.
  • Minimum of eight years of professional experience in auditing, Information Technology, or vendor risk.
  • Knowledge and experience with cloud industry security best practices, data protection and privacy, and ITGCs.
  • Experience should include planning, organizing, testing, analyzing and documenting operational processes, internal controls, systems and related information.
  • Experience must include a minimum of 4 years participating, managing and leading complex, cross-functional audits/projects.
  • Experience using data analytics techniques to perform audits.
  • Strong management skills including all aspects of project management and staff training and mentoring. 
  • Proven ability to deal with ambiguity, respond to changing business needs and take an enterprise view.
  • Proven ability to establish and maintain relationships with key customers, including ability to negotiate and influence change with diplomacy.
  • Candidate must also have a CISA or CISSP or other relevant certification.




Req ID: 23855
Position Type: Regular Full Time
Education Experience: None
Employment Experience: 6-8 years
FLSA Status: Exempt
Posting Date: 09/13/2018