Sr. Internal Auditor -IT

JOB TITLE: Senior Internal Auditor-IT

Responsible for executing high quality audits, risk management over the IT infrastructure, applications and processes. Responsible for delivering high quality internal audit results under the direction of IT Audit Managers and Directors, including planning, performing IT risk assessments, and developing and executing test plans to assess design and effectiveness. Key focus areas are risk assessments, cyber security assessments, business continuity and disaster recovery assessments, and review of internal controls, corporate policy, laws, and regulations, as they relate to the Company's electronic assets.
The primary focus of the audit department is to assess risk and evaluate internal controls over operational processes as well as compliance with certain corporate policies. In addition, the department supports management requests and special investigations, as needed.

•Executes specific projects established in the annual audit plan, develops scope and objectives of IT audits while ensuring alignment with audit standards, guidelines, and best practices

•Executes projects related to the NIST Cybersecurity Framework, NIST 800 series, CIS Controls, ISO 27001/27002, OWASP, Payment Card Industry, Data Privacy, IT General Controls (ITGC), and other laws and regulations governing the corporation

•Develops audit objectives, scope, audit plan, and procedures

•Prepares audit summaries and reviews audit results with senior IT management providing observations and conclusions as well as identifies and communicates gaps and evaluates management action plans and related reporting

•Keeps abreast of relevant business developments and evolving IT risk areas

•Contributes ideas and opinions to the internal audit team by identifying relevant automated controls to include in an audit scope; designing audit programs/procedures to assess their adequacy, and assisting financial/operational auditors in applying IT audit principles and concepts

•Develops and maintains effective relationships within the team and individuals throughout the organization

•Performs other duties as required

•Contributes ideas and opinions to the internal audit team

•Develops and maintains effective relationships within the team and individuals throughout the organization

The above statements are intended as general examples of the duties of this position and are not all-inclusive for the position. Other reasonable duties may be assigned by the supervisor.

Skills/Abilities and Knowledge -

•Ability to communicate and align well with key stakeholders

•Ability to cultivate channels of communication (both written and verbal) to effectively influence at all levels of the organization

•Ability to define effective audit plans and effectively coach experienced IT auditors

•Strong understanding of business processes, financial reporting and information technology audit and control frameworks such as SOX, COBIT, ITIL, and PCI

•PCI Standards, HIPAA, and security knowledge a plus

•Strong leadership skills in the areas of leading through influence, relationship building and strategy development and execution

•Strong knowledge of risk assessment and familiarity with tools and techniques used to provide control and monitoring mechanisms

•Solid knowledge of IT audit methodologies and control frameworks of IT platforms, processes, systems and controls, including areas such as network security, logical access and change management controls at an infrastructure and application level, databases and systems maintenance

•Knowledge of cable television products and services

•Proficiency and familiarity with various network architectures, services, systems, applications, development platforms, network/security technologies

•Experience in performing information security assessments

•Proficiency in information security tools to exploit vulnerabilities in networks and applications

•Knowledge of web application security including cross site scripting and SQL injection

Education (level and type) -
Bachelor’s degree in Information Technology, Business, Accounting, or Finance

Related Work Experience - Number Of Years
Experience in internal auditing or public accounting 3-4
Big 4 experience ideal
Experience with various technologies, including networks, platforms, and applications
Certifications and/or Licenses -
CISA preferred, CIA, CISSP, CISM, CEH, GPEN, OSCP, CPT and/or MBA desirable

Office environment

Required Travel 25-30%

Share this Job

Other Locations For This Job