Position Overview:

The Information Systems Audit (ISA) team is part of this Fortune 200 Client’s Internal Audit Division and provides independent assurance over how Information & Technology risk is managed.  This position is roughly the equivalent of a 1st or 2nd year Big 4 or Large CPA Firm/Consulting Practice IT Audit Manager or Technology Risk Manager or someone with at least 6 years of experience and at least 2-3 years in an In-Charge role.

Client Culture, Benefits, Opportunities, and Work/Life Balance:

As for the client, this client provides an excellent work/life balance and a great benefits package. The client has excellent health, dental, std, ltd, etc. benefits and also offers a great match on the 401k with a 1 to 1 match up to 6% and a free 2.5% contribution, as well as $9,000 in student loan forgiveness, $12,000 in home-buyers assistance, onsite fitness center and university, as well as free parking and tremendous room for growth! There are also great reimbursements and contributions for certifications or additional degrees.  This person will get great exposure, a great culture and working environment, and has excellent growth opportunities from within, as their ITRA group is growing fast, as well as opportunities around IT Risk & Controls, Cyber Security, and Privacy, and positions at the business unit level, are also growing and promotion can happen through those routes as well.

Our Impact:

Members on the ISA team are highly-skilled audit, risk management, and/or technology professionals with a demonstrated ability to provide value added audit and advisory services.  The team plays a critical role in shaping approach to managing Information & Technology risk by providing independent, objective, and value-added assurance of risk management, governance, and controls.

Your Impact:

The IT Audit Lead will be part of this team and focus on executing end-to-end audit services on Information & Technology risk. This spans over multiple areas while reviewing  core business processes down to delivering audits directed on core Information Technology General Controls. As part of the Third Line of Defense the candidate will work closely with risk partners in the Second Line of Defense and practitioners in the First Line of Defense in both the lines of business and Information Technology.

Your Work Falls into Three Primary Categories:

1.)  Audit/Project Execution

• Work independently or as part of an audit teams and ensure work is completed on time and in keeping with professional standards.
• Perform and document work such as procedure development, walkthroughs and controls testing in accordance with Internal Audit standards.
• Provide consultative advice to business and IT management on current or emerging Information & Technology risk, control and governance matters.
• Based on the work performed, identify and draft strategic, business focused issues and effectively communicate results to relevant stakeholders.
• Conduct internal training sessions to share knowledge and best practices.

2.)  Project Management

Maintain, track and communicate project status to stakeholders.

3.)  People Management

Within the context of individual audits, perform people management related tasks such as coaching and project performance evaluations.  Within the context of the department, train, lead, mentor, delegate to, assist with hiring, and review the work of Senior, Staff, and Associate level IT Auditors.

Qualifications

• Minimum of 6 years working experience. Experience must include a minimum of 4 years auditing Information & Technology risks in a large IT environment
• Relevant degree in Management Information Systems, Business Administration with an emphasis in Technology, Computer Science, Accounting Information Systems or related discipline
• Implementation experience or compliance review experience of industry standards to include COBIT, NIST, ISO, or ITIL
• Platform, middleware, and application audit experience to include experience with the various levels of the OSI model and technologies including Windows, Unix and, Oracle.
• Basic knowledge of cloud-based tools, applications and vendors such as AWS, Azure, or Google.
• Working knowledge of various change and project management methodologies (SDLC, Agile)
• Preferred CISA, CPA, or CIA
• Keys to Success in this Role
• Must work well in a team-oriented environment as well as individually
• Must work creatively and analytically in a problem-solving environment
• Must demonstrate effective verbal and written communication and interpersonal skills

Preferred Skills:

• Additional certifications such as PMP, CRISC, CISM, CISSP;
• Experience with data analytics and supporting tools (Tableau, SAS, Python);
• Privacy and Information security risk compliance experience with regulatory environments including GDPR or CCPA