Job Description
Job Summary
Conducts audits of the Company's Information Systems. Performs and may lead some audit projects. Contributes to audit objectives as a team member and potentially as a team leader on a per-project basis. Develops and uses new audit technologies, including continuous audit (data mining), audit process automation, and computer assisted audit techniques. Leverages IT audit knowledge to act as an IT audit consultant for financial auditors on integrated financial audits. Researches and assesses risks to information systems throughout the enterprise. Provides ad hoc consulting services to various groups throughout the enterprise. Provides management, IS groups, and end users with an informed and impartial assessment of the extent to which they may safely rely upon the Company's Information Systems.
Essential Functions
• Must exhibit technical knowledge to plan and execute assignments with limited supervision
• Identifies technology-related risks, and develops methods for evaluating those risks, through direct examination of systems, parallel process comparison, ethical hacking, statistical analysis, interview, and automated monitoring
• Applies knowledge of professional standards as established by recognized authorities, including the IIA (Institute of Internal Auditors) and the ISACA (Information Systems Audit and Control Association), to improve the quality and coverage of internal audits
• Maintains and improves knowledge of auditing, information systems, business management, and Vulcan's industries. Actively shares this knowledge with coworkers and clients
• Responsible for communicating technically complex issues with both technical and non-technical clients, including the controllers, managers, IS staff and others
• Written communications must be accurate, complete in content, and persuasive. Writes both technical documentation and persuasive prose
• Helps develop technical and communication skills of audit team members
• Follows standard formats for audit workpapers, and recommends changes as appropriate
• Consults with audit clients regarding information systems controls
• Makes presentations to various groups regarding information systems audit, controls, and security
• Maintains a professional and independent relationship with audit clients, and is courteous and tactful
• Attempts to gain the client's enthusiastic participation
• Ensures that control problems are recognized and documented, and that solutions are adequately researched and presented
• Uses projects to increase understanding of Vulcan businesses, and to refine auditing techniques
• Develops, reviews and modifies audit plans to reflect changes in risk, technology, and the needs of the business
• Develops new technologies and methods for evaluating internal controls, including the use of data mining, intrusion testing (ethical hacking), and application programming
• Accepts assignments with enthusiasm
• Accepts constructive criticism in a positive manner
• Is responsible for being prompt at meetings and for completing assignments on time
• Promotes the professional development of interns, coops, and junior staff members
• Maintains a positive and constructive attitude with superiors, peers, and subordinates
• Is able to act as an impartial and fair facilitator when conflicts or opportunities arise during the course of audit work
• Is a persuasive advocate of good internal controls throughout the enterprise
• Maintains high ethical standards, credibility, and integrity
• Frequently exerts collegial leadership (peer management) and subordinate leadership (bottom-up management) to assist clients in improving internal controls
• Is responsible for planning audits through the use of current business data, prior work, and open communication with other departments and regions
• Carries out multiple assignments simultaneously
• Promotes teamwork across the enterprise
Critical Competencies
• Customer Focus - Builds positive customer relationships and gains trust and respect, prioritizing their needs and using feedback to improve products and services.
• Communication - Communicates clearly and effectively, both verbally and in writing, while actively listening and adapting the message to the audience.
• Analytical Thinking - Ability to break down complex problems, situations, in order to understand underlying patterns, identify key issues; examine information logically, question assumptions, and draw conclusions based on evidence.
• Problem Solving - Identify, analyze, and resolve work-related issues efficiently and effectively using practical knowledge, experience, and hands-on skills. Finds practical solutions, implements fixes, and adapts to unexpected challenges.
• Critical Thinking - Ability to analyze information objectively, evaluate different perspectives, and make well-informed decisions.
• Technical Expertise: Maintains cutting edge awareness of latest development in a specific field by scanning multiple sources of information or data (e.g. periodicals, networks of contacts.
Responsibilities
Education
• Bachelor's Degree required.
• CISA certification preferred.
• Obtaining/maintaining a CISA certification is an ongoing requirement for the position.
Experience
• One to five years of recent experience in IT audit is required.
• IT experience may be substituted for some required audit experience.
• Audit or IS experience in at least three of the following areas (operating systems, database, network infrastructure, programming, systems security, project management)
Knowledge, Skills, and Abilities
• Must have the ability to use computerized equipment and technology.
• Proficient in Microsoft Office Suite, Google, Oracle Business Environment and other software packages relevant to the position.
• Ability to work independently and meet audit timelines with limited supervision
Other Requirements
• Travel is required and estimated to be 10-20%
• Must be able to sit for long periods.
• Must have the ability to use computerized equipment and technology.
• Proficient in Microsoft Office Suite, Google, Oracle Business Environment and other software packages relevant to the position.