IT Auditor
Responsibilities:
- Plan and execute internal audits in line with department and professional standards.
- Evaluate risks in auditable areas and create or restructure audit testing programs to address these risks.
- Evaluate the design and operating effectiveness of internal controls over processes that include but are not limited to:
- Workstation Security
- Server / OS Operations
- Network Operations
- Security Operations
- IT Asset (Hardware & Software) Management
- Database Management
- Mobile Device Management
- Access Management
- Software Development
- Cloud Computing
- Managed IT Services
- Payment Solutions
- Core Process Solutions
- Cybersecurity
- IT Governance / Information Security Program
- Incident Response
- Peer review workpapers.
- May assist with Operational or Compliance audit procedures.
- May assist with Third Party (e.g. SOC) or co-sourced/outsourced internal audits.
- Perform other duties as assigned.
Relevant Regulations, Standards, or Frameworks:
- Global IA Standards
- FFIEC
- PCI DSS
- NIST CSF
Competencies:
- Proficient knowledge of Microsoft Office Applications (e.g., Word, Excel, Power-Point, etc.)
- Strong Written and Verbal Communication Skills
- Strong Project Management Skills
- Detail Oriented
- Ability to apply professional judgment and critical thinking to:
- Assess risk, materiality, and control effectiveness
- Determine if evidence is sufficient and complete
- Analyze root causes of issues
- Effectively interpret and document processes.
- Experience with data analysis is a plus.
- Familiarity with AuditBoard is a plus.
- CISA, CISSP, or CCSP preferred.
