Senior IT Auditor
Category : Finance & Accounting
Location/City : TX - Plano
Id : 36296
We are on the hunt for a motivated technology and information security audit professional to make a strong contribution to our growing Internal Audit team. This role is an integral and valued component to our risk management environment and works closely with management to deliver value-added and challenging audit projects in the area of information technology, information security, business operations, finance/accounting, and compliance using progressive audit procedures. Projects vary each year and provide a high degree of challenge and diversity. The team also performs internal advisory projects and supports compliance audit responsibilities.
Think you can handle it? Keep reading…Five Things You Can't Google About This Role
Why you want this job: You have experience with a wide array of technology processes and you're ready to take you career to the next level with advancement opportunity and senior leadership exposure with organizational department leads across the globe.
The buck stops with you: Evaluating complex business processes utilizing a risk-based approach, and to provide the greatest value to our internal clients.
Always BCC this person: Ben Wyatt from Parks & Rec – an expert auditor.
Keep walking if: You aren't willing to move beyond "check the box" auditing. This team is consistently recognized for contributions to organizational improvements due to diverse and innovative approaches.
Skills to show off in the interview: Familiarity with the payment processing industry and common technology control frameworks.
Legal Said We Had to Include Bullet Points to Call This a Job Posting
Job Duties and Responsibilities
Skills & Requirements
- Delivers a diverse array of information technology and information security audits that include in-depth analysis and understanding of supporting business processes
- Evaluates numerous technology platforms and applies process, technology and security risk considerations
- Focuses heavily on risk-based audits that help management identify and reduce organizational risk
- Conducts risk-based audits including all aspects of the audit lifecycle, including risk assessment, planning, client coordination, fieldwork, data analysis, work paper documentation, reporting, and remediation validation, with direction from senior team members
- Strong focus on information technology and information security controls in executing integrated, risk-based audits to evaluate the design and effectiveness of internal control
- Focuses on the integration of IT and business process risk considerations within the audit process
- Detailed understanding of IT managed processes, including technology architecture, system build and provisioning, configuration management, performance monitoring, incident management, change management, user access management, disaster recovery, etc
- Evaluates key information security risks including confidentiality, integrity, and availability of technology components through review of security operational processes, such as vulnerability management, penetration testing, security logging and monitoring, security incident response, and in-depth defense strategies
- Evaluates root cause factors for audit testing exceptions and recommends practical solutions that reduce risk and strengthen business processes and controls
- Ensures audit testing work papers are documented in a consistent and high quality manner while executing project tasks in adherence to established timelines
- Builds and develops Internal Audit's brand within the company through meaningful relationship building
- Enables continuous improvement of the Internal Audit department by identifying and communicating enhancement'opportunities to department leadership
- Supports the development of other team members within the Internal Audit department
- Critically evaluates audit procedures to maximize the value'of each audit project
- Tailors project approaches based on areas of key risks
- Prepare clear, concise and accurate documentation and audit reports?
- Assists and provides guidance to the Internal Audit staff, when needed; train staff during fieldwork
- Proactively communicates issues with colleagues and obtains agreement on audit findings and practical recommendations with control owners prior to presentation to management
- 3+ years of relevant audit and risk management experience
- Knowledge of auditing principles and practices, and the analysis and reporting of audit information
- Bachelor's degree in Auditing, Business Management or Information Technology
- Merchant Acquiring/Payment Processing industry experience preferred
- Experience with internal control frameworks, including COBIT, FFIEC, PCI DSS, Sarbanes-Oxley, ISO27001, and ITIL •
- CIA, CISA, CISM, CISSP or other relevant certifications are preferred?
- Big Four audit experience preferred •
- 10-15% travel requirement, including some international travel •
- Audit and/or consulting experience in most of these areas:
- Information and data security for payment card data and publicly-identifiable information
- Application security, including segregation of duties and least privileged access
- Technology infrastructure security, including mainframe, UNIX/LINUX, Windows, SQL Server and Oracle database
- Integration of business process controls with supporting technologies
- Business process workflow documentation, including identification of key risks and the corresponding business and technology controls
- Systems development, project management, and change management
- IT infrastructure design, management, and operations
- Business continuity and disaster recover
- SOX/SSAE16 control testing
- Ability to work in a complex and evolving environment
- Demonstrate strong project management and execution skills, including prioritizing tasks, balancing workload, anticipating next steps, and adapting to change
- Strong communication and presentation skills with an ability to tailor communications to different audiences
- Pursues work with enthusiasm, energy, drive and team collaboration
- Ability to establish and build effective relationships
- Ability to collaborate with management and senior leadership to improve internal controls and processes