Successfully complete assigned audit engagements for Information Technology (IT), and Information Security (IS) activities, processes, and controls under the direction of Audit Leadership. Identifies potential issues and process efficiencies, develops audit recommendations to mitigate risks and achieve business and technology objectives, drafts audit reports that are clear, concise and include both the impact and root cause of the issue identified, performs risk assessments of IT/IS activity and supporting processes and develops risk-based work plans to complete audit and control objectives, assists in completion and development of annual audit plan and performs additional projects as necessary. Maintains IA tools, and methodology, in accordance with Bank policies.

Primary Responsibilities:

• Assist in planning, scheduling and preliminary analysis for assigned audit projects.
• Coordinate audit activities for assigned audit projects, including notification of all affected parties of audit timing, scope, objectives, approach and deliverables.
• Identify, document, and map IT/IS processes and internal controls of applicable infrastructure and operational areas per the scope of the audit project.
• Perform risk assessments of IT/IS infrastructure and operational processes and controls for assigned areas.
• Develop risk-based audit programs to achieve IT/IS audit objectives for assigned audit projects, and incorporate Data Analytics, as appropriate.
• Perform audits related to IT/IS ensuring compliance with IA and industry (including IIA) standards.
• Support the identification of opportunities for the usage of Data Analytics in the audit process through data collection, and analysis, and during audit execution.
• Support integrated audits that cover financial, operational, and business areas of focus with technical expertise related to IT/IS, and incorporate the usage of Data Analytics, as appropriate.
• Assist assessments of new products, systems, and technologies and provide technical expertise related to IT/IS.
• Complete audit testing, inquiry, and other analysis required to meet objectives of assigned audit projects.
• Complete working papers evidencing performance of all audit work.
• Communicate progress and results of audit throughout the audit engagement to auditee and management.
• Develop value added recommendations to deal with issues identified during assigned audits and draft audit reports to formally communicate the results of the audit and related recommendations.
• Perform reviews of implemented audit recommendations.
• Maintain internal department Manual, Procedures/Standards, and tools, including Governance, Risk and Compliance (GRC), in accordance with Bank policies.

Skills/Knowledge:

• Bachelor's degree in Information Systems, Computer Sciences, or related field, or equivalent experience. Certified Information Systems Auditor (CISA) and/or Certified Information Systems Security Professional (CISP) strongly preferred.
• Minimum three years internal or external audit experience is required, public accounting firm or financial services industry experience preferred.
• Strong understanding of technology processes (e.g., change management, access management, computer operations) and application controls within a regulated environment.
• Sound understanding of audit process/methodology and risk management/advisory ability.
• Experienced in using a risk-based audit approach in evaluation of recommendations for management processes.
• Ability to adapt to a changing environment, meet deadlines and handle multiple projects.
• Excellent communication, interpersonal, time management and issue resolution skills.
• Able to operate PC-based software and/or automated database systems required.

Core Competencies:

• Customer Focus, Decision Quality, Ensures Accountability, Drives Results, Collaborates, Values Differences, Communicates Effectively, Instills Trust.

SALARY RANGE: $135K - $145K

The Federal Home Loan Bank of San Francisco is an Equal Employment Opportunity employer and is committed to a diverse workforce. We value and actively seek to recruit, develop, and retain individuals with varied backgrounds and experiences reflecting the full diversity of the communities that we serve. It is the policy of the Bank to comply with all applicable laws concerning the employment of persons with disabilities.

Salary ranges reflect the base salary that the Bank reasonably expects to pay for a given role and is not inclusive of annual incentive award opportunities, retirement benefits or the value of other health and welfare or other ancillary benefits. We consider many factors when determining base salaries such as individual background and experience, the competitive environment, education, particular skill set(s), and industry and institutional knowledge.

The Bank is committed to offering all team members challenging and engaging work with market competitive pay, retirement, and benefit offerings. In support of this commitment, the Bank routinely engages in market competitive benchmarking surveys and analysis to ensure our team members continue to be paid fairly and competitively.