Qualifications
Basic Qualifications:
• Bachelor´s Graduate (Degree in Computer Science/ Electronics/ IT Engineering, Information Systems, Business Administration is preferred)
• Certification in Auditing and Information Security Domains (at least one of the following: CIA, CISA, CISSP, CCSK)
• Knowledge in Cloud Security – Azure Security (AZ500) and/or AWS Certified Solutions Architect
• At least 10 years of experience in information technology auditing, combined audit/IT audit, or relevant information security or information technology roles. (8 years of relevant experience; 10 years+ total work exp)
• 5 years of team management experience
Good-to-have:
•Understanding of industry standards including ISO27001, ISO 20K, NIST 800-53, PCI DSS, HIPAA, GDP)
Professional Skills:
• Excellent verbal and written communication skills; interpersonal and presentation skills
• Proven management and organizational skills
• Ability to train, develop, and motivate team members.
• Demonstrated leadership in professional setting; either military or civilian
• Demonstrated teamwork and collaboration in a professional setting; either military or civilian
• Ability to adopt flexible work hours to collaborate with global teams and travel (up to 20%).
Job Description:
The Internal Auditor performs audit projects in accordance with the company's audit methodology and The Institute of Internal Auditors' ("IIA") International Standards for the Professional Practice of Internal Auditing. The Internal Auditor-Information Technology focuses on audit projects that involve cyber/data security, computer operations, and IT compliance.
The Internal Auditor effectively executes a wide range of Internal Audit activities in a high-quality and timely manner. In their role, they perform activities that include planning and developing work programs, identifying recommendations for continuous improvement in global processes and controls, communicating results, and following up on issues reported. They are also responsible for audit strategy development, organization risk assessment/planning, and completion of special requests for the company's Management and the Audit Committee.
Key Responsibilities
Depending on the role/organization the Internal Auditor-Information Technology belongs to and their career level, some or all of the following key responsibilities will apply:
• Participates in the detailed execution and communication of the risk-based work plan, including Company Management and Audit Committee special project requests.
• Verifies the adequacy of information technology (IT) operating procedures of the company through a systemic program of audits.
• Assists in development of the Company's annual audit plan and schedule.
Manages audit work, including audit work plan, work papers, findings, and associated reports.
• Prepares and oversees the preparation of audit reports and work papers to ensure adequate documentation exists to support the completed audit and conclusions.
• Conducts IT integrated audits with operational, compliance, financial, and investigative audit teams, as assigned.
• Manages cyber/data security, IT operations, IT service delivery, and compliance audits, as assigned on a wide-ranging scope of audits with an emphasis on assessing emerging areas of risk including cyber security, artificial intelligence, cloud computing, robotic process automation, and the Internet of Things
Identifies, recommends, and reports improvement opportunities for global processes and controls.
• As appropriate, identify opportunities for continuous improvement of technology, security, financial, and other processes, and evaluation of organization-driven risk.
• Manages auditee relationships, including facilitating meetings, discussions of findings, and presenting draft and final reports in a professional manner.
• Prepares well-written and timely audit reports and high-quality presentations for leadership and board-level reporting.
• Develops audit skills and establishes/maintains relationships related to the risk areas assigned.
• Contributes to appropriate skilling of the IA team (e.g., recruiting, training and development, coaching/mentoring, and providing career growth opportunities).
• Keeps abreast of company policies and procedures, current developments in technology and auditing professions, and changes in local, state, and federal laws