VP, IT Internal Audit Manager

About Us

Capital Bank N.A. is headquartered in Maryland and has been serving our communities since 1999. We stand as a publicly traded company (NASDAQ: CBNK) with over $3 billion in assets. We offer commercial and consumer banking services to clients primarily in Maryland, DC, and Northern Virginia, alongside two nation-wide lending brands; Capital Bank Home Loans and OpenSky, a credit card division that offers and services credit cards across all states. Our personalized approach to banking, paired with cutting-edge technology solutions and a comprehensive suite of products and services, fuels our growth, and enables us to support our customers at every stage in their financial journey.

Come join a bank where our employees thrive and are engaged in meaningful work. For the last 5 out of 6 years, Capital Bank was named one of the "Best Banks to Work For" in the U.S. by American Banker.

Position Purpose 

Capital Bank is seeking an experienced IT Audit leader for our IT Internal Audit Manager role. This position will assist the SVP, IA Director to plan, manage, and maintain the Information Technology Internal Audit (IT IA) function for Capital Bank. More specifically, the VP, IT IA Manager will be responsible for performing and overseeing the IT audits of the bank, including IT infrastructure and operations, data privacy, cybersecurity reviews and the governance of emerging technologies such as Artificial Intelligence (AI).

The position will execute and manage IT risk assessments, IT SOX compliance, and technical audits, while providing expertise to other internal auditors or third-party outsourced IA firms. The VP, IT IA Manager is expected to add value to the Bank by developing and executing audit programs based on technological risk, complexity, regulatory expectations (FFIEC, NIST), and the strategic technology roadmap of the Bank. The VP, IT IA Manager will report findings, conclusions, and technical remediation strategies to management and the Audit Committee.

Position Responsibilities

• Risk Assessment & Planning: Utilize a risk-based approach to assist in the development, monitoring, and maintenance of the IT Audit risk assessment and IT Audit plan, specifically focusing on IT infrastructure, IT operations, cybersecurity, data privacy, and AI governance.
• Audit Execution: Lead or manage IT audits either working solo, as part of a team, or overseeing a third-party IT audit partner.
• Technical Auditing: Conduct audits of the bank’s IT General Controls (ITGCs), application controls, network security, and disaster recovery programs in accordance with FFIEC guidelines, NIST frameworks, and internal policies.
• SOX Compliance: Assist or lead in walkthroughs, interim, and roll-forward testing of IT SOX controls (Logical Access, Change Management, IT Operations) and coordinate with external auditors.
• Vendor Risk: Assist in audits of critical third-party technology service providers to ensure security standards are met.
• AI & Emerging Tech: Evaluate the design and operating effectiveness of controls surrounding Artificial Intelligence, ensuring alignment with guidelines, data integrity standards, and model risk management regulations.
• Reporting: Develop technical work papers and internal audit reports that translate complex technical issues into business risks for the Audit Committee and Executive Management.
• Project Management: Meet or exceed targeted hours for audits, monitor progress, and report delays to the SVP Internal Audit Director.
• Issue Tracking: Carefully evaluate risks or gaps of controls in IT environments, make recommendations to Management, and validate the completion of corrective actions (remediation testing).
• Consulting: Consult with IT management on issues, implementation of system changes, or new digital initiatives (e.g., AI integration, cloud migration) where audit independence is not impacted.
• Professional Development: Remain current with certifications, training, and changes in regulations, cybersecurity emerging threats, and IT and Security frameworks (e.g., NIST, Cobit etc.)

 Education and Experience Required: 

• Education: Bachelor’s degree required in Computer Science, Information Systems, Cybersecurity, or a related field.
• Desired: Master’s degree in Information Systems, Cybersecurity, or MBA.
• Certifications: Certified in one or more of the following is required:
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Security Manager (CISM)
• Desired: Certified Internal Auditor (CIA) or CPA.
• Experience: Minimum 7+ years of IT audit or cybersecurity experience in the banking sector, financial institutions, or public accounting/consulting.
• Experience auditing Cloud environments (AWS, Azure) is highly desired.
• Knowledge of or experience in auditing AI models and governance frameworks.
• Experience using audit software and data analytics tools (ACL, IDEA, Python, SQL).

 Technical Knowledge and Skills

• Regulatory Knowledge: Familiarity with banking and IT regulations is required, including FFIEC IT Examination Handbook, GLBA, NIST Cybersecurity Framework, and SOX.
• Data Proficiency: Understanding of data lifecycle management, and data governance principles.
• Analytical Skills: Strong analytical skills to review system logs, configurations, and data sets to interpret results and communicate technical concepts to non-technical audiences.
• Soft Skills:  Strong attention to detail, flexibility to work on multiple projects and meet deadlines.
• Communication: Good skills in conducting audit interviews, communicating in an objective manner and presenting results in a relatable and effective manner.
• Problem Solving: Strong analytical, and problem-solving skills regarding IT and security environment.
• Software Skills: Skilled in working with GRC and audit tools,  databases, presentation software, and spreadsheet software.

Other

• Ability to travel within a defined market area.

Compensation

• Base Salary Range: $120,000 - $160,000 annually. Final determination of where you are at in the salary range is based on numerous factors such as geographic location, relevant experience, skill set, education, and ability to meet qualifications within the job description.
• We are hiring in: MD, DC, VA, PA, DE, NC, SC, FL, IN, IL. Candidates in other locations will receive the pay range tied to their specific area.
• Additional Compensation: This role will include a yearly annual target bonus based on individual performance.

Working Arrangements

• This is a hybrid role. (highly qualified candidates may be eligible for a 100% remote working arrangement)

Why Join Us?

• Join a growing company with a culture that fosters an entrepreneurial spirit
• Comprehensive benefits package including Medical, Dental, Vision, Company Paid Life Insurance, Disability Insurance, and more? 
• Company Contributions to your 401k - Regardless of your contribution
• Employee Perks: Paid Parental Leave, Employee Recognition Program, Leadership Program, Tuition Reimbursement Program, Employee Bank Checking Account, and much more!
• Generous Paid Time Off and Paid Holidays - Including Paid Charity Hours to support volunteer opportunities 

Supporting Businesses. Helping People. Strengthening Communities. 
Capital Bank, N.A. is an affirmative action and equal opportunity employer.