Seeking IT auditor with experience in information technology and auditing.
Purpose -To lead, oversee and conduct complex information technology (IT) audits. To provide highlevel technical expertise to Sr. Internal Auditors, while supporting wide-ranging Internal Audit initiatives. To plan, coordinate and organize projects and project teams.
- Leads, oversees and conducts the most complex IT audits in accordance with Client and industry audit standards.
-Leads project team members on assigned tasks. -Edits and assembles high-quality auditreports for presentation to senior management.
-Ensures audit standards are in compliance with IT standards published by the Federal Financial Institutions Examination Council, National Credit Union Association (NCUA), Generally Accepted Accounting Practice (GAAP) and other federal, state and local requirements as appropriate for Client business functions.
-Manages other auditors as the auditor-in-charge to ensure timely and effective audits.
-Oversees and evaluates changes in procedures and/or controls to verify their effectiveness.
-Ensures audit consistency with corporate objectives by providing new procedures and/or changes of audit standards to all involved.
-Stays informed of new IT implementations and best practices.
-Advises management of emerging security and technical risks. Performs enterprise IT risk management assessments.
-Coordinates external IT audits as required.
-Assists in designing and performing data extraction and preparing data analysis reports. Contributes to the continuous auditing program.
-Assists other Internal Auditors in completing IT components of audits and completing computer assisted audit techniques.
-Provide expertise to Senior Internal Auditors and other staff.
-Provides expert technical guidance and direction to Internal Audit staff for audit standards.
-Serves as the main liaison to the Information Services department for IT initiatives and audits with IT components.
-Advances internal audit staff knowledge and understanding of specific IT audit standards.
-Identifies and documents IT functional requirements including specific description of IT functions, work flow processes, input and output descriptions, procedural flows, data elements, performance criteria, and security and control requirements.
-Provides technical expertise in determining effective security controls.
-Provides input to the annual work program and ensures adequate coverage related to IT audits.
-Participates as a team member in meetings and discussion groups on major projects related to the development and improvement of products and procedures.
-Facilitates group discussions to further team goals and projects.
-Supports internal audit initiatives by recommending improvements to products and services.
-Provides status reports to Internal Audit management on the progress of audits and key issues raised during audit testing.
-Reports on team progress to management. -Develops project plans for process improvement.
-Provides information to the management to assist in setting priorities.
-Surveys relevant audit procedures and updates for up-to-date information.
-Performs other duties as required or assigned.
Lead IT Auditors should have experience independently auditing the following areas:
3rd Party hosted services (KSP, SSAE-16 SOC 2)
Online or Mobile applications
Voice\Call Center Systems
Penetration testing\vulnerability assessments
Qualifications ? Knowledge, Skills and Abilities
?Experience that demonstrates an knowledge and skill of information technology.
?Experience and knowledge of information security analysis and design techniques.
? Expert knowledge of data security practices and procedures, including risk assessment, authentication technologies, and security attack pathologies.
? Extensive experience in project planning and resource management
? Strong planning and organizational skills
? Strong research, analytical, and problem solving skills
? Strong verbal, written and interpersonal communication skills.
? Ability to present findings and conclusions clearly and concisely.
?BachelorDegree in business, information systems, or related field
? CISSP, CISA or other related Information Security and Information Technology certifications.
? E x perience in network engineering, information security, application development, systems development, business continuity, and databases.
?Experience and knowledge in IT auditing.
? Knowledge of the financial services industry.
Knowledge of pro gramming and data extraction products such as ACL, ezTrieve, ISPF, JCL, Lotus Notes and other products.