Sallie Mae (NASDAQ: SLM) is the nation's No. 1 financial services company specializing in education. Whether college is a long way off or just around the corner, Sallie Mae turns education dreams into reality for its 25 million customers. With products and services that include college savings programs, scholarship search tools, education loans, tuition insurance, and online banking, Sallie Mae offers solutions that help families save, plan, and pay for college. Sallie Mae also provides financial services to hundreds of college campuses as well as to federal and state governments. Commonly known as Sallie Mae, SLM Corporation and its subsidiaries are not sponsored by or agencies of the United States of America.
This position is responsible for developing and executing test plans for all ICE critical processes and key controls for most IT units. This position will serve as the liaison between the IT and Corporate Compliance/Risk related to ICE/Sarbanes Oxley testing requirements. Additionally, this position will be responsible for compliance monitoring related to other controls that are documented and tested for other risk frameworks such as PCI, FISMA and HIPAA. The incumbent is responsible for working with all IT areas to ensure all critical processes have been documented and analyzed. The incumbent must ensure adequate testing is performed on all ICE critical processes and all key controls within the process. This position will perform management testing in certain IT areas to ensure controls are adequate. In other IT areas, the incumbent will serve as an oversight role to validate test plans and results. The position must be responsible for gap identification and remediation. This position will be responsible for effective and timely communication of gap statuses. Communication with senior management will be required and will be verbal as well as written. Additionally, this position will be involved in compliance and process improvement projects as assigned.
Specific Job Responsibilities:
1) Testing and Monitoring
2) Audit Liaison and Coordination
- Evaluate and confirm, in conjunction with Process Owners, that all Critical Processes and key controls are accurate.
- Analyze the testing methods available and provide a recommendation to each Process Owner on the testing scope, method, frequency, and sample size. Gain sign off of agreement prior to each year's testing cycle
- Formalize and perform periodic testing of all critical processes and internal key controls to ensure controls are designed and operating effectively. Testing must be conducted throughout the year with half completed by Q2 each year and remainder in Q4.
- Document results in accordance with training; past work papers can be used as a guide.
- Report any exceptions or deficiencies noted through written reports and meetings with key management of the area reviewed.
- Develop and track remediation plans to ensure issues are resolved.
- Post results of testing on the ICE Portal. This will include testing summaries, testing lead sheets, and other pertinent documentation.
- Conduct exit meetings with key IT management of the areas tested to provide them with the information they need to determine if they are able to certify to the control environment as required by Corporate.
3) Support & Communication
- Follow-up efforts for issue resolution, task completion is required for this position as a liaison between IT and Corporate Compliance/Risk, Internal Audit and External Audit.
- Work closely with all IT Process Owners to understand controls and risks in each area. Regular communication with Process Owners is required.
- Coordinate meetings with IT department management prior to testing and after testing to review results.
- Assist in developing control documentation for all IT areas. Assist in analysis of documentation for all functional IT areas.
- Record all process gaps and manage until closure.
- Coordinate with IT areas.
4) Project Management
- Develops, evaluates and/or supports IT through review of a common process for ICE testing and coordination with PwC. Work to continually review ICE documentation and processes for areas to improve and enhance. Ensure standardization and consistency of documentation.
- Schedules meetings, tracks issues, completes project plans, publishes documentation and ensures IT areas are on schedule to meet PMO deadlines.
- Communicates ideas, testing strategies, findings, and process improvements, both verbally and in writing, in a clear, concise manner tailored to the appropriate audience.
- Organizes project teams, schedules and conducts meetings for projects, provides updates to project plans as tasks are completed and communicates status to all impacted parties.
- Completes deliverables for project including, but not exclusive to, project charters, project plans, test scripts, test results, data gathering documents and system documentation.
- 1 to 2 years of experience in auditing
- Ability to meet project due dates.
- Excellent written and verbal communication skills, including presentation skills.
- Ability to simultaneously manage and organize multiple projects.
- Ability to recognize/analyze/and document deficiencies and articulate those items to key management.
- Ability to lead and coordinate activities or project group.
- Excellent organizational skills.
- Excellent analytical skills and problem solving ability.
- Ability to make recommendations and decisions independently.
- Ability to perform well under pressure and to work independently with high levels of initiative.
Sallie Mae is a federal government contractor. This position will support a government contract and the successful candidate must obtain a 5C level security clearance and a clearance for Treasury. The candidate will be subject to a background check conducted by the U.S. Government to determine eligibility and suitability for federal contract employment for public trust or sensitive positions.
- Bachelor's degree in Information Systems, Accounting, Business or similar area of study
- Certified Information Systems Auditor (CISA) or Certified Internal Auditor (CIA), preferred
- Auditing experience
- Testing and/or Quality Management
- Project Management
- Procedural Analysis
- FISMA, HIPAA, PCI, and/or SOX related experience
Sallie Mae, founded 28 years ago, provides funds for educational loans, primarily federally guaranteed student loans originated under the...