This position operates in both individual contributor and team leader roles and is responsible to plan and execute assigned audits within Ciena’s Internal Audit program with emphasis on IT audit areas. Incumbents are accountable for evaluating and improving risk management, operations, control environment and governance processes, using a disciplined, collaborative approach in support of the Audit Committee and management.
Incumbent participates in or leads risk assessments, develops tests, coordinates audit tasks, reviews and directs the work of others, including contractIT audit support, and conducts fieldwork across various processes and locations. Additional responsibilities include refining audit scope, task and project timeline management, ensuring workpaper documentation quality, and issues are adequately supported by fieldwork. Daily work involves individual contributor and team participation as dictated by audit subject matter. Regular interaction with all business partner levels and otherinternal and external audit team members is required. Domestic and international travel up to 10% may be required.
- Plan, manage and execute complex IT related, Sarbanes-Oxley and operational audit projects in a professional manner and in accordance with the Institute of Internal Auditors (IIA) Professional Practices Framework.
- Assist in or lead IT risk assessments, create detailed audit programs and tests to meet audit objectives using COSO, NIST, COBIT, ITIL or similar risk/control models.
- Lead audit teams and/or participate on IT audits for compliance with regulations, Sarbanes-Oxley, cybersecurity, policies and procedures, operational improvement, etc.
- Responsible for integrity and execution of audit engagements, timely and effective audit plan milestone achievement, staff activity coordination, audit workpaper preparation and review, fieldwork documentation and audit closing with clients.
- Evaluate internal control environment existence, efficiency and effectiveness for specific IT audit areas and processes.
- Assess key controls, processes and system design, documentation and execution adequacy.
- Create and submit objective, concise, accurate, logical, and fact-based auditreports in accordance with audit standards and supported by fieldwork results. In those reports, identify, control, operating and compliance deficiencies or inefficiencies and recommend improvements to management.
- Make, or assist in, oral and written presentations to management during and at audit conclusion, discus deficiencies, recommend corrective action and suggest improvements in internal controls and operations.
- Secure management commitment for issue resolution.
- Advise process owners in evaluating risks and controls for new or revised processes.
- Interact with business partners up, down and across the organization structure.
- Assist in co-planning annual and individual audit work with external auditors.
- Maintain updated knowledge of rules, regulations and standards for internal audit, IT technology and related matters of interest to the department.
- Provide evaluation input into audit staff performance evaluations, as appropriate.
- Assist in recruiting, developing and maintaining a highly competent audit staff.
- Critical thinking
- Experience leading audit engagements and audit teams
- Understanding of IT operations, networks, applications, cybersecurity, network and application security, Active Directory
- Knowledge of COSO, Sarbanes-Oxley IT General Computer Controls, COBIT, NIST, ITIL internal control models
- Strong test and documentation experience
- Strong interpersonal, oral and written communication skills
- Excellent analytical skills
- Teaching and coaching skills
- Project and time management
- Desired Characteristics:
- Familiarity with Oracle or similar large ERP System
- Familiarity with Oracle and SQL databases
- Familiarity with audit tools (AutoAudit, IDEA, ACL, etc.)
- Knowledge of cloud and outsourced vendor risks, controls and audit approaches
- Vendor auditexperience
- Highly ethical, team oriented, flexible, inquisitive, logical
- Ability to maintain objectivity, confidentiality and integrity
- Motivated, creative, self-directed problem solver
- Ability to work across all management levels to propose value added solutions and recommendations for continuous improvement
- RequiredDegree: BS/BA
- PreferredDegree: MBA
- Preferred Major: Information Systems, Computer Science or related discipline
- Minimum of 5 years of IT related Internal or external audit, or corporate IT operations experience
- Sarbanes Oxley compliance test experiencepreferred
- Network vulnerability and penetration test background
- Preferred CISA/CISSP/CIA/CISM or current candidate
The Ciena Experience:
Rewarding experience. Meaningful outcomes.
Make no mistake that we’re committed to developing leading network technology. But our path to innovation stems from our culture and outstanding people. We embrace diversity, celebrate inclusion, and champion ideas—across the table and around the world. This is the Ciena network. You won’t find complex organization charts and stiff protocols here! Innovation travels faster in an atmosphere where ideas can be freely discussed and brainstormed on the fly. A big part of work is about enjoying more satisfying outcomes—both personal and professional.