IT Internal Audit Officer

Come work with us:

Metropolitan Commercial Bank (the "Bank") is a full-service commercial bank based in New York City. The Bank provides a broad range of business, commercial, and personal banking products and services to individuals, small businesses, private and public middle‑market and corporate enterprises and institutions, municipalities, and local government entities.

Metropolitan Commercial Bank was named one of Newsweek's Best Regional Banks and Credit Unions 2024. The Bank was ranked by Independent Community Bankers of America among the top ten successful loan producers for 2023 by loan category and asset size for commercial banks with more than $1 billion in assets. Kroll affirmed a BBB+ (investment grade) deposit rating on January 25, 2024.

For the fourth time, MCB has earned a place in the Piper Sandler Bank Sm‑All Stars Class of 2024.

Metropolitan Commercial Bank operates banking centers and private client offices in Manhattan, Boro Park, Brooklyn and Great Neck on Long Island in New York State.

The Bank is a New York State chartered commercial bank, a member of the Federal Reserve System and the Federal Deposit Insurance Corporation, and an equal housing lender. The parent company of Metropolitan Commercial Bank is Metropolitan Bank Holding Corp. (NYSE: MCB).

We are seeking a highly motivated Internal Audit Officer to join our Internal Audit Department at the Metropolitan Commercial Bank (the "Bank"). This role is essential in supporting the co-sourced IT audit function by action as the primary liaison between internal stakeholders and the audit co-sourcing firm. You will ensure that the co-sourced IT audits are conducted effectively, aligned with regulatory standards, and contribute to the overall risk management framework of the Bank.

This position reports to a VP, Audit Senior Manager. The position will require ongoing interaction with the co-sourcing firm, regulators, and external auditor(s). This position is ideal for a candidate who will thrive in a dynamic and collaborative environment that values innovation, integrity and inclusion.

We have a flexible work schedule where employees can work from home one day a week.

• Serve as the main point of contact between the Internal Audit Department and the co-sourcing audit firm; manage IT audits.
• Assist in the development of Internal Audit's annual risk assessment and the audit plan; ensuring the plan is responsive to, and aligned with, the risk profile of the Bank; ensuring the risk assessment is periodically updated as needed.
• Evaluate the design and operating effectiveness of IT related controls, adherence to established policies and procedures, and regulatory guidance.
• Review and validate co-sourcing firm work papers; discuss irregularities, exceptions and deficiencies discovered during audits and issue validation testing with management.
• Manage the issue tracking including regulatory issues. Review and evaluate evidence obtained from management for validation and perform follow-up testing as necessary.
• Assist in assessing IT processes, controls and documentation associated with SOX 404 program, collaborate with the Bank's external auditor, and test SOX controls on behalf of management.
• Provide knowledgeable and objective counsel to strengthen the Bank's IT control environment; conduct pre/post- implementation of IT systems, present audit results to management and the Audit Committee as needed.
• Assist in developing IT audit methodology and IT audit procedures.
• Engage in continuous learning by participating in educational opportunities; maintaining professional accreditations; read professional publications; participate in professional organizations. Stay current on emerging technologies and regulatory requirements impacting IT risk and audits.

• 6+ years of progressive external and/or internal IT audit experience in an organization of appropriate scale and complexity; bank and publicly traded company experience.
• Bachelor's degree in information technology, Computer Science, or a related field.
• Relevant certification preferred (e.g., CISA, CISSP, CIA,…