IT Senior Auditor

IT Senior Auditor

Requirements

• Bachelor’s Degree in a related field (e.g. Information Systems, Computer Science, Business, or Accounting)
• 3+ years of audit experience preferably in a Big 4 Public or National Accounting firm, or comparable business experience
• Proven understanding of core IT general control processes
• Experience in Audit, SOX Compliance, Consulting, Accounting, or other business-related activity
• Experience performing risk-based integrated audits (IT & operational)
• Understanding of IT SOX requirements, IT control frameworks (NIST, COBIT, ISO27001, SOC2 etc.), and related business process control activities
• Communication, presentation, people, and project management skills with the ability to clearly and concisely articulate audit observations and improvement opportunities
• Proactive, organized, and able to prioritize in order to deliver timely completion of assignments
• Excellent critical thinking and problem-solving skills with strong attention to detail
• Intellectual curiosity and balanced professional skepticism

Responsibilities

• Complete risk-based IT audits including integrated audits (operational) in accordance with the department audit methodology and IIA standards
• Support SOX assessment of the design and operating effectiveness of General Information Technology controls (GITC) that support financial reporting
• Coordinate with external auditors to ensure effective communication and resolution of internal control matters
• Support the IT Audit Sr. Manager or other project managers by giving to all phases of assigned audits including planning, conducting walkthroughs, performing testing, documentation, control design assessments, drafting audit observations, and verifying audit issue closure
• Prepare audit planning documents, audit announcement letters, and audit work programs ensuring complete coverage and analysis of key areas
• Assist in the preparation of audit reports upon completion of fieldwork
• Analyze data sets to create an appropriate audit sample and/or identify trends within a population that can provide key risk insights
• Lead meetings for assigned audit areas, interact with all levels of the organization, and develop improved relationships with process owners and business unit management
• Partner with the IT collaborators in identifying and evaluating risks, establishing mitigation and control plans, and understanding cross-functional IT control impacts
• Communicate audit results, audit recommendations, and other key messages to Internal Audit management and relevant business partners in a concise, clear, and timely manner
• Provide timely status reports to the IT Audit Sr. Manager and/or project manager
• Support multiple projects simultaneously and optimally run timelines to deliver high-quality work products in an efficient and effective manner with limited direct supervision
• Support the Information Technology risk assessment process to identify current and emerging risks and develop the annual IT audit plan

Preferred Qualifications

• CISA certification is preferred, and other audit, security, or technology certifications are a plus (e.g. CISSP, CISM, CRISC, etc.)
• Experience with reviews of modern technologies like RPA, AI, Machine Learning, Cloud preferred
• Experience using data analysis tools like ACL, IDEA, Tableau, Excel, SQL, and Alteryx