Senior Information Technology Auditor

Harvard University   •  

Cambridge, MA

Industry: Education, Government & Non-Profit


8 - 10 years

Posted 49 days ago

This job is no longer available.

Job-Specific Responsibilities

The Senior Information Technology Auditor will be a high impact member of the Harvard community through the delivery of audit activities with a focus on information technology, related policies, procedures, controls and information security activities at the University.

In this role, the Senior IT Auditor will:

  • Exhibit thought leadership and influence while demonstrating a breadth of knowledge regarding risk assessment and mitigation efforts, cyber risk, compliance matters, emerging trends, internal control assessments and the intersection with technology.
  • Be knowledgeable regarding the IT/IS landscape versus a narrow focus on any particular technology or aspect of a computing environment.
  • Actively participate in University-wide initiatives regarding computer security and major systems implementations, assists in the definition of business risks associated with new business processes and acts as a business consultant on complex issues.
  • Cultivate effective working relationships with all levels of the organization and routinely interacts with University stakeholders on risk assessments and information sharing.
  • Provide value through consultative activities that support management by recommending control environment improvements with a focus on sustainable solutions.

Typical Core Duties

  • Plan, design, and manage all assigned audits in accordance with departmental guidelines and professional standards for the practice of information systems auditing
  • Define the scope and objectives of the audit based on analytical auditing procedures and reviews of the auditees' business
  • Communicate audit specifics to auditee to ensure scope, objectives, status and other details are understood
  • Ensure all issues and opportunities are brought to the attention of the appropriate, responsible individual and corrective actions are discussed
  • Perform pre-implementation reviews of the major computer based systems
  • Advise management in understanding the key security and other internal control points that should be incorporated into new systems
  • Participate in user groups, task forces, and committees as appropriate to develop an understanding of evolving technology initiatives
  • Provide training, guidance and supervision to IS auditors to ensure audit objectives are met
  • Responsible for creating and updating audit programs as needed
  • Inform audit manager of progress of audits, major findings, and problems encountered
  • Contribute to audit Universe definition, University-wide risk analysis, annual audit plans, and departmental IT training programs
  • Ensure financial compliance with University policies and procedures and applicable legal rules and regulations

Basic Qualifications

  • Bachelor's degree or equivalent work experience required
  • Minimum of 8 years' experience in information systems or information systems audit role

Additional Qualifications

Your Audit Responsibilities:

• Efficiently lead and manage the audit process with appropriate consideration of audit risk issues and technical matters

• Ably deliver on all aspects of audit engagement activities which include; scoping, planning and risk rating processes, conducting the necessary field work, preparing all audit work paper sections, discussing and presenting audit findings and key observations with the auditee, and the preparation of audit reports

• Provide timely completion of information technology and information security audits in a manner consistent with the professional standards of conduct of the Institute of Internal Auditors and Information Systems Audit and Control Association (ISACA)

• Apply skills and knowledge fittingly in performing an assurance engagements and managing engagements in compliance with Departmental auditing standards

• Apply solution-based approaches to problem solving on client assignments

• Effectively manage client relationships and liaising with other departments to ensure the smooth delivery of the audit process

• Demonstrate expertise in Information Technology, Enterprise Architecture, networks, computing environments, servers, end points, software development, enterprise applications and various hosting models

• Stay informed with an understanding of emerging technologies, regulatory landscape and the new risk vectors and develops audit programs, reflective of best practices and emerging technologies

• Oversee staff auditors and reviewing work prepared by less experienced personnel on a project by project basis

Your People Responsibilities:

• Communicate with all levels of an organization and demonstrated ability to cultivate highly effective relationships

• Influence, change and shape the direction of a particular activity, either internally and/or externally

• Coach and mentor less experienced staff through sharing experience and knowledge appropriately

  • • Contribute to effective team work and create an environment of inclusion