.
Who We Are: Founded in 1960, Loews Hotels & Co-operates iconic hotels and resorts across the U.S. Together, our diverse and welcoming teams craft exceptional experiences in iconic destinations.
Growth and belonging start here; you’ll be valued for who you are and the goals you have. Whether your next career chapter involves making memories for guests or supporting our properties in our Corporate Office, every role—from Guest Services to Finance, Culinary to IT—offers opportunities to grow and make a meaningful impact.
Creating a Team Member experience where you belong no matter what race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status that makes you, you is a daily focus for us.
What We Offer:
This is a bonus eligible position
Hybrid work schedule
Competitive health & wellness benefits, 401(K) & company match
Paid Sick Days, Vacation, and Holidays, Paid Bereavement, Paid Pet Bereavement
Training & Development opportunities, career growth
Tuition Reimbursement
Employee Hotel Rates, other discounts, perks and more
What We’re Looking For: As the IT Audit Manager at Loews Hotels, you'll be at the forefront of our IT-focused audit endeavors, reporting directly to the Vice President, Internal Audit. This role offers an opportunity to lead and manage Sarbanes-Oxley (SOX) compliance audits over IT general controls (ITGCs) and drive operational IT audit processes, ensuring the integrity and security of our technology landscape. Collaborate closely with the VP, Internal Audit to craft annual risk assessments and risk-based audit plans, leveraging your expertise to identify key areas of focus and opportunity. Further, the IT Audit Manager successfully establishes positive working relationships with key internal and external stakeholders at all levels, including Executive and Senior Leadership, Loews Corporation Internal Audit, co-source partners, and external auditors.
Who You Are:
A guardian of ethics guided by principles of integrity, honesty, and respect
A continuous learner who is constantly evolving, mastering new skills, and staying updated on industry trends
A relentless communicator, fostering collaboration to support their colleagues and drive collective success
A natural, effective leader who takes initiative, makes decisions, and motivates others
A quick learner who is nimble in adapting to new situations and thrives in a dynamic work environment
Veterans and military spouses are encouraged to apply
What You’ll Do:
Perform annual risk assessments to develop the annual risk-based audit plan, evaluating the adequacy and operating effectiveness of internal controls by conducting audits of all business units (i.e., corporate/home office, hotel properties, and the shared service center), communicating audit recommendations to remediate audit issues or concerns identified, and providing IT advisory and assurance services to improve internal controls, operations, risk management, and compliance
Provide independent, objective IT assurance and advisory services to assess, evaluate, and validate the design and operating effectiveness of internal controls, while also adding value towards continuous process improvement opportunities within the organization
Lead and manage the planning, fieldwork, and reporting phases of IT compliance audits (including the review of quarterly IT SOX compliance certifications and completion of annual IT SOX compliance audits as required by SOX 302 and SOX 404, respectively) across the organization
Participate in the Annual Audit Risk Assessment and Enterprise Risk Management (ERM) processes, including understanding standard operating procedures and risk management policies, IT security and governance policies, interviewing key internal stakeholders, reviewing control self-assessments (CSAs) completed by hotel management, and analyzing financial data and information, which will help define annual risk-based audit plans
Share input and ideas towards developing audit risk and control matrices, mapping/documenting processes and procedures (e.g., flow charts and walkthrough narratives), and creating/enhancing audit methodologies and strategies
Perform detailed IT audit testing procedures during the fieldwork phase, while maintaining supporting audit workpapers, and thoroughly documenting any audit results and issues identified
Execute integrated audits consisting of financial, operational, IT, and compliance auditing procedures in collaboration with the Audit Manager
Clearly and timely communicate audit results and significant findings to the VP, Internal Audit, business and process owners, and senior management, and effectively advise on audit recommendations and corrective action plans to remediate issues
Assist with drafting formal audit reports and presentations that will be communicated to the Audit Committee, Executive and Senior Leadership team members and all other related key stakeholders
Partner with the IT Security and Governance team to assess and evaluate all IT general controls (ITGCs), as well as to complete special projects involving Cyber Security, Data Governance & Classification, Service Organization Controls (SOC) Reviews, System Implementations, Payment Card Industry Data Security Standards (PCI DSS) Compliance, etc.
Collaborate with the IT Business Intelligence team to design data analytics for continuous monitoring and automated audit testing by leveraging available analytical tools and resources
Hire, train, coach, and develop new staff and senior internal auditors, as needed
Co-lead and manage internal and external parties (e.g., co-source partners) to conduct planned audits
Coordinate with external auditors for interim and year-end financial statement audits, as necessary
Attend all required training sessions and meetings
Perform other duties as assigned
Your Experience Includes:
Bachelor’s in accounting, finance, or IT related field required; Master’s degree in referenced fields preferred
A minimum of six years of external or internal audit experience with working knowledge of and skill in applying Generally Accepted Accounting Principles (GAAP), Generally Accepted Auditing Standards (GAAS), Institute of Internal Auditors (IIA) Standards, SOX Compliance Requirements, Cyber Security Framework Standards (e.g., National Institute of Standards Technology – NIST), PCI DSS, etc.
Extensive understanding of internal controls and risks with the ability to recognize significant control issues and risk exposure across the organization
Experience assessing IT risks (including SOX), and evaluating the adequacy, design, and operating effectiveness of ITGCs
Strong understanding of IT security, governance, network, and infrastructure processes and procedures
Familiarity with utilizing data analytics tools to gain full coverage of audit population and automate auditing procedures
Proven track record of successfully managing and leading staff and senior internal auditors to effectively and sufficiently complete audit assignments and timely report on results
Excellent communication skills (verbal and written) in interactions with team members at all levels, including control or business process owners and senior management
Strong interpersonal skills with the ability to effectively develop and maintain positive working relationships cross-functionally with all levels of team members (e.g., Accounting, Finance, Operations, Compliance, Legal, HR, Loews Corporate Internal Audit, etc.) and external parties (e.g., co-source partners and external auditors)
Flexibility to work independently and in a team-oriented environment depending on assignment needs
Combination of Public Accounting (external audit) and Internal Audit experience preferred
IT audit experience at a company within the hospitality, restaurant, and retail industries, preferred
Knowledge of systems and applications such as, Oracle Enterprise Resource Planning (ERP), Workday Human Resources Information System (HRIS), Opera Property Management System (PMS), etc. with the ability to utilize system reports for audit testing and data analytics, preferred
Ability to work a flexible schedule based on business needs
Must be willing and able to travel up to 30% of the time, depending on business needs
Who You’ll Supervise:
Indirect team members (i.e., senior internal auditors) depending on the projects assigned
External co-source staff auditors, as needed
External co-source staff auditors, as needed
.
Salary range for this position, based on experience, is $112,000.00 to $140,000.00.