Senior IS Auditor
Responsibilities:
• Plan and execute assigned audits and projects in accordance to the audit plan. All audits must be of superior quality, completed accurately and in a timely manner.
• Proactively identify technology risks and develop recommendations for improvements to mitigate risks and bring programs and operations into compliance with the goals and objectives of Internal Audit.
• Interpret policy and procedure and apply professional principles and standards (i.e., IPPF, COBIT, COSO, ISO, and NIST) to test and evaluate corporate technology systems and related operational processes.
• Identify and analyze root causes of inefficient practices and propose alternatives by partnering with management to develop achievable solutions.
• Maintain effective relationships with business/technology groups at OCC and support a partnership with management in achievement of goals.
• Maintain an understanding of technology applications, policies and standards to effectively identify potential risks or creative alternatives to mitigate risk exposure.
• Keep current on best practices and emerging risks in the audit and technology field or within the financial services industry, making recommendations for improvements as necessary.
• Serve as a liaison with external auditors and regulators to help facilitate timely and efficient external reviews, knowledge transfer, and controls and process education.
• Lead engagements as assigned, monitoring either internal or co-sourced teams in the performance of normal or special request audit assignments.
• Perform other duties as assigned.
Requirements:
Knowledge of the principles, practices, and techniques involved in conducting information system audits in accordance with the requirements published by the Information Systems Audit and Control Association (“ISACA”) and in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (“IIA”).
• Demonstrated ability to gather, analyze, and evaluate facts, and prepare and present concise oral and written reports.
• Ability to communicate clearly and effectively, both orally and in writing, including the ability to handle potentially sensitive situations and discussions.
• Ability to work independently or as a team, prioritizing multiple audit assignments to simultaneously complete each in a timely fashion.
• Strong problem solving and analytical capabilities.
• Strong proficiency using TeamMate or other audit or GRC software.
• Familiarity with mainframe and distributed system technologies from an audit and controls perspective (i.e., MVS, ACF2, DB2, UNIX, Linux, Wintel)
• Knowledge of computer technology and systems analysis principles, design and operation, including system development lifecycle (SDLC).
• Business and systems process improvement skills.
• Data analysis tools experience such as ACL, IDEA, or SAS.
• Experience with automated vulnerability assessment tools (i.e., Nessus, Qualys, etc.).
• Network, routers, and Checkpoint firewall experience a plus.
• Bachelor’s degree (or equivalent) in Accounting, Finance, Information Systems or related field, with an emphasis in Information Technology.
• Minimum of four years of audit experience in Information Technology.
• Experience working in a highly complex IT environment required.
• Consulting/accounting firm experience is a plus.
• Experience working with regulatory organizations, particularly the SEC, CFTC, FINRA, a plus.
• Demonstrated success in leading audit projects and implementing audit best practices in a complex technology environment.
• Demonstrated success in identifying risks in highly complex IT environments for application systems development and infrastructure support and implementing controls/processes to mitigate those risks.
• Strong customer service and collaboration skills required.
Leave a Reply
You must be logged in to post a comment.