Position: IT Auditor Department: Internal Audit
Location: Corporate Office Reports To: Sr. Manager, IT Audit
The Information Technology (IT) Auditor will: plan and direct technical audits related to the companies’ IT policies, procedures, systems, and business processes; develop audit programs, prepare reports, brief all levels of management, and maintain high standards for work paper accuracy and completeness. The IT Auditor will also possess the skills necessary to communicate, navigate, influence and collaborate in a global, multi-faceted, dynamic organization.
Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.
- Develop an open and positive relationship with all levels of line and executive management based on mutual trust and respect and a focus on common business objectives. Plan and perform integrated audits, systems reviews, and pre/post implementation reviews, and special audit projects, in collaboration with financial auditors.
- Develop an effective approach for testing application and general computer controls for the Sarbanes Oxley (SOX) compliance; conduct testing and document results.
- Evaluate the effectiveness of controls over information systems, document work performed, and report conclusions and recommendations to management.
- Provide training to the audit team and IT and business personnel regarding the IT documentation and testing to be conducted in connection with SOX.
- Collaborate with other members of the audit team to plan and develop audit programs, risk assessments, and other planning documents.
- Prepare audit reports and present observations and/or recommendations to management.
- Identify risks and controls for business processes, technical infrastructure systems, and key IT systems development initiatives.
- Bachelor’s degree in Management Information Systems, Computer Science or related degree.
- Two to five years IT audit experience in a combination of public accounting and industry with significant SOX experience.
- Domestic and international travel, approximately 15-25%.
- Strong understanding of Information Technology General Computer Controls, System Implementation Reviews, Business Continuity, Application and Infrastructure controls.
- Current designation and maintenance of a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or similar certification.
- Knowledge of Oracle Financials, JD Edwards and Hyperion Financial Management a plus.
- Knowledge of auditing standards and frameworks, 2013 COSO Framework, PCI DSS, SOX, NIST, CIS and COBIT.
- Demonstrated ability to use technology to improve the effectiveness of assignments, increase efficiencies, and quickly complete work objectives.
- Strong knowledge of IT Security, including Windows Active Directory, Linux, SQL Server and Oracle.
- Strong interpersonal skills; must work well in teams and develop relationships with IT, Finance and operational management.
- Strong communication skills (verbal and written), facilitation, presentation, and interpersonal skills, with the ability to present complex and sensitive issues to senior management, and influence change for the benefit of the company.
- Proven ability to multi-task, complete projects on time and on budget and adjust to changing priorities.
- Ability to translate technology issues into business risk and impact.
- Strong work ethic and high degree of initiative.
- Frequently required to walk, stand, sit, climb, balance, stoop, bend, and kneel
- Frequently lifts up to 10 lbs.
- Long periods spent sitting at desk in front of computer screen.
- Regularly required reach with hands and arms.
Job functions will be carried out in an office environment.