Job Description

The Assistant Director of Information Technology (IT) Audit reports to the Director of Audits and Investigations and provides leadership in the development of IT audit methodologies, Internal Audit (IA) strategies, and risk assessment processes. The position is responsible for evaluating governance, risk management, cybersecurity, compliance, and internal control processes across the University and affiliated entities.

The Assistant Director serves as Project Manager for audit and advisory engagements, provides technical leadership and mentorship to audit staff, and collaborates with executive leadership, audit clients, IT, compliance personnel, and external stakeholders. The position is responsible for ensuring audit activities are conducted in accordance with the Institute of Internal Auditors Global Internal Audit Standards (GIAS) and relevant control frameworks, while promoting continuous improvement through the use of emerging technologies, data analytics, and innovative audit techniques. The Assistant Director participates in both internal and external efforts to promote the audit profession.

Responsibilities

• Develops and implements technology-driven audit strategies, methodologies, and risk assessments. Assists in the development and execution of the annual risk-based audit plan through assessment of technology, cybersecurity, compliance, operational, and emerging risks.
• Ensures IA team members are provided with ongoing in-house training on IT-related risks and controls, including emerging risks. Assesses and makes recommendations related to the implementation of advanced audit tools and emerging technologies (artificial intelligence (AI), data analytics, etc.) to increase the efficiency and effectiveness of the IA team.
• Serves as Project Manager for IT audit and advisory engagements from planning through reporting and follow-up. Ensure engagements are conducted in accordance with GIAS and applicable frameworks, including but not limited to, National Institute of Standards and Technology (NIST), Control Objectives for Information and Related Technologies (COBIT), International Organization for Standardization (ISO), and related standards.
• Evaluates governance, cybersecurity, privacy, business continuity, disaster recovery, cloud computing, and technology control environments.
• Supervises, mentors, and develops audit staff through work assignments, coaching, performance evaluations, professional development planning, and recruitment activities.
• Utilizes data analytics, automation, artificial intelligence, and other technology-enabled audit techniques to improve effectiveness and efficiency.
• Communicates audit results and emerging risks to management and executive leadership and facilitates development of corrective action plans. Monitors and assesses the implementation of management action plans
• Represents Internal Audit on university committees, working groups, and governance initiatives, and promotes audit initiatives internally and externally.

Additional Information for applicants:

• This position is eligible for hybrid work subject to job duties, performance expectations, security and confidentiality requirements, on premise responsibilities, and managerial and organizational needs.

Qualifications

Minimum Qualifications:

Bachelor's degree from a regionally accredited institution in accounting, information systems, cybersecurity, business management, or a related field and seven years of demonstrated progressive experience in auditing and compliance in complex projects and supervising professional staff.

CISA Certified Information Systems Auditor, Certified Information Systems Security Professional (CISSP) or equivalent professional certification required.

Degree Equivalency Clause: Four years of direct experience for a bachelor's degree.
• Senate Bill 1310- The Florida Senate (https://www.flsenate.gov/Session/Bill/2023/1310) is conditional upon meeting all employment eligibility requirements in the U.S.
• SB 1310: Substitution of Work Experience for Postsecondary Education Requirements
• A public employer may include a postsecondary degree as a baseline requirement only as an alternative to the number of years of direct experience required, not to exceed:
• (a) Two years of direct experience for an associate degree;
• (b) Four years of direct experience for a bachelor's degree;
• (c) Six years of direct experience for a master's degree;
• (d) Seven years of direct experience for a professional degree; or
• (e) Nine years of direct experience for a doctoral degree
• Related work experience may not substitute for any required licensure, certification, or registration required for the position of employment as established by the public employer and indicated in the advertised description of the position of employment.
• Minimum Qualifications that require a high school diploma are exempt from SB 1310.

Preferred Qualifications:

Master's degree in a related field from an accredited university and 5 years of demonstrated, progressive experience in internal or external auditing and compliance or Bachelors and a minimum of 7 years of progressive experience. Certified Internal Auditor certification is preferred in addition to IT Certification.