Director, IT Audit

The Director of IT Audit is responsible for leading and managing the organization’s IT audit function and assessing the integrity, security, and compliance of technology systems and processes. This role provides assurance to the Board of Directors and oversees a global team of professionals. The Director will partner with Global Senior Leadership to provide strategic insights and recommendations that strengthen IT governance and risk management. 

Essential Functions:

TEAM OVERSIGHT: 

• Oversee the Global Technology RAAS team in the execution of independent reviews and evaluations of  technology-related operations and activities to assess:
  • The reliability and integrity of internal controls over financial reporting for systems that authorize transactions
  • Compliance with policies, laws, and regulations which could have significant impact upon IT operations and processes 
  • The effectiveness and efficiency of IT operations
• Ensure audits confirm with the Institute of Internal Auditors (IIA) standards
• Perform team member evaluations and establish development plans 
• Establish an environment that fosters team collaboration, innovation, ownership and positive culture

COMMUNICATION: 

• Conduct meetings with Sr. Management to discuss audit scope, audit results, and associated management actions to mitigate identified control gaps
• Document results of audits in formal reports that are distributed to Sr. Brand and Corporate Management
• Provide Global Management teams regular updates on audit status, and control enhancement opportunities
• Create quarterly exhibits for the Board of Directors

COORDINATION: 

• Engage with, and build professional relationships with Senior Leadership across the Company to coordinate audit execution and IT risk evaluation
• Develop and maintain effective engagement with the external auditors to provide support with annual audit activities

SOX ASSESSMENT: 

• Oversee the execution of the annual Global IT SOX Assessment, including driving changes to enhance efficiencies and effectiveness of testing
• Develop a program to test the design and operating effectiveness of SOX controls
• Identify and report findings (to Sr. Management and SOX Committees) on a timely basis
• Provide Sr. Management insights and perspectives on control enhancements 

STRATEGY:   

• Define IT Audit strategy and associated supporting programs 
• Conduct annual IT Audit Risk Assessment and develop the associated IT Audit Plan 
• Define and maintain program to efficiently deploy audit resources and provide audit coverage of key IT risks
• Develop programs to leverage technology (e.g., IA, Data Analytics, audit tools) to increase effectiveness and efficiency of audit coverage
• Link overall IT audit initiatives with RAAS departmental strategy to ensure effective risk coverage

Knowledge & Skills:

• Scope:  The RAAS Technology Director oversees RAAS's Global IT Audit team that provides advisory services and assurance that controls are design well and operating effectively to mitigate IT risks across the Carnival Brands. The role is critical in supporting RAAS' mission to provide assurance to the Carnival's Sr. Management teams and the Boards of Directors that the Company maintains a sound control environment, and complies with laws and regulations. 
• Problem solving:  The RAAS Technology Director is routinely called upon to oversee the performance of complex audits across a diverse technology environment and understand complex processes.  Complex data analytics of both financial and operational data sets is routinely used to identify anomalies and interrelationships that could be an indication of risk manifestation.  Given the diverse technology platforms and processes at Carnival, the Director must be able to develop pragmatic solutions to assist with the mitigate IT risks across a wide range of technologies.
• Leadership: The RAAS Technology Director oversees a global team of 10+ professionals.  The team is located primarily in Miami but there are local resources that are located in California and Europe. 

Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Accounting, or related field; Master’s degree preferred
• Professional certifications such as CISA, CISM, CISSP, or CIA strongly preferred
• 10+ years of progressive experience in IT audit, risk management, or cybersecurity, including at least 5 years in a leadership role
• Deep knowledge of IT governance frameworks (e.g., COBIT, NIST, ISO 27001)
• Strong understanding of cloud technologies, cybersecurity, data analytics, and emerging tech risks
• Excellent communication, leadership, conflict resolution, and stakeholder management skills
• Strategic thinking and ability to align IT audit with business objectives
• Strong analytical and problem-solving skills
• Ability to influence and drive change across complex organizations
• High integrity and commitment to ethical standards
• Ability to coach / develop a diverse team of professionals 
• Sound IT risk and control understanding (including the ability to design tests of controls)
• Extensive experience navigating 'politically' sensitive topics with C-Level / Sr. Management

Travel:  Less than 25% with shipboard travel likely

Work Conditions: Work primarily in a climate-controlled environment with minimal safety/health hazard potential.

Physical Demands: Must be able to remain in a stationary position at a desk and/or computer for extended periods of time. 

This position is classified as “in-office.”  As an in-office role, it requires employees to work from a designated Carnival office in South Florida Monday through Thursday each week. Employees may work from their homes on Mondays and Fridays.  Candidates must be located in (or willing to relocate to) the Miami/Ft. Lauderdale area. 

Offers to selected candidates will be made on a fair and equitable basis, taking into account specific job-related skills and experience.   

At Carnival, your total rewards package is much more than your base salary. All non-sales roles participate in an annual cash bonus program, while sales roles have an incentive plan. Director and above roles may also be eligible to participate in Carnival’s discretionary equity incentive plan. Plus, Carnival provides comprehensive and innovative benefits to meet your needs, including: 

• Health Benefits: 
  • Cost-effective medical, dental and vision plans 
  • Employee Assistance Program and other mental health resources 
  • Additional programs include company paid term life insurance and disability coverage  
• Financial Benefits: 
  • 401(k) plan that includes a company match 
  • Employee Stock Purchase plan 
• Paid Time Off 
  • Holidays – All full-time and part-time with benefits employees receive days off for 8 company-wide holidays, plus 2 additional floating holidays to be taken at the employee’s discretion.  
  • Vacation Time – All full-time employees at the manager and below level start with 14 days/year; director and above level start with 19 days/year.  Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 84 hours/year.  All employees gain additional vacation time with further tenure. 
  • Sick Time – All full-time employees receive 80 hours of sick time each year.  Part-time with benefits employees receive time off based on the number of hours they work, with a minimum of 60 hours each year.   
• Other Benefits 
  • Complementary stand-by cruises, employee discounts on confirmed cruises, plus special rates for family and friends 
  • Personal and professional learning and development resources including tuition reimbursement  
  • On-site Fitness center at our Miami campus

#Corp

#LI-Hybrid

#LI-SH1