Senior IT Auditor

About The Position

Requirements

• Bachelor's degree in information systems, accounting/finance, or a related IT field.
• Three (3) years of information systems audit, control, assurance, or security experience, including at least one year as a lead information technology auditor.
• CISA certification may substitute for one (1) year of work experience (but not the lead IT auditor experience).
• Possession of a valid Class C driver's license.
• Knowledge of logical access controls for the identification, authentication, and restriction of users to authorized functions and data.
• Knowledge of security controls related to hardware, system software (e.g., applications, operating systems), and database management systems.
• Knowledge of the configuration, implementation, operation, and maintenance of network security controls, and network and Internet security devices, protocols, and techniques.
• Knowledge of IT architecture related to data, applications and technology (e.g., distributed applications, web-based applications, and web services).
• Knowledge of the principles, practices, and techniques of auditing.
• Skill in developing retrievals, queries, and reports of computerized information.
• Skill in monitoring the acquisition and development of complex information systems.
• Ability to communicate clearly and effectively, both orally and in writing, including the ability to interview persons to extract politically sensitive information.

Nice To Haves

• Master's degree in information systems or a related field.
• Certified Information Systems Auditor (CISA) designation.
• Experience performing information systems audits in the Oracle and PeopleSoft environments.
• Experience using ACL, MicroStrategy BI, and TeamMate.

Responsibilities

• Performs all phases of multiple, concurrent information systems audits and other projects, including complex, highly technical, politically sensitive, and confidential assignments.
• Based on a broadly stated objective, develops subobjectives, detailed audit plans, and time budgets for assigned projects. Schedules activities to meet completion dates.
• Determines sources and availability of information; determines data collection strategies; and selects the data sources required to accomplish program steps and satisfy the objectives of the project. Reviews records and other documentation.
• Interviews Board employees, contractors, vendors, etc., and observes procedures/ activities to gather facts and gain an understanding of the program.
• Determines the type and amount of analysis necessary to develop findings or resolve audit issues; evaluates the sufficiency and competence of evidence; identifies and analyzes the possible causes of problems noted; and draws conclusions and forms recommendations from the results of these analyses.
• Creates workpapers and internal and external correspondence; drafts formal audit reports.
• Assists other staff by providing retrievals of computerized information and data, advising as to technical issues and practices, and developing databases and reports.
• Follows up on the status of open audit recommendations.
• Reviews and monitors the acquisition and/or development of complex technological and computerized systems and makes real-time recommendations to address risks.
• Directs and/or participates in meetings with auditees to encourage understanding and acceptance of project results, to understand the auditee’s position regarding the results of the audit, and to resolve any issues regarding management’s position. Makes presentations to all levels of the organization.
• Reviews and comments on current or proposed information systems policies and procedures, procurement actions, analyses, contracts, etc.
• Establishes and maintains effective and constructive working relationships in furtherance of Board objectives with people at all levels, both inside and outside the organization.