We are seeking a IT Audit Risk Senior to join our team in Florida. This position will be responsible for planning and performing IT/Internal audits related to Financial, Business Process and Compliance Audits, including Service Organization Control (SOC) reports and Sarbanes Oxley (SOX) compliance.
Travel
Time will be spent in the field at client sites, Approximately 30% of domestic travel.
Responsibilities - Conduct IT, governance, compliance, and security audit programs by understanding organization objectives, structure, policies, processes, internal controls, and external regulations.
- For scheduled audits assist in the risk assessment, planning, and audit program development processes. Actively participate in planning, entrance, and/or exit meetings.
- Complete audit work papers by documenting audit tests and findings.
- Document systems, processes, and controls using narratives.
- Understand and communicate the downstream impact on the business of control deficiencies.
- Identify and recommend business process changes resulting in strengthened internal controls as it relates to operations, compliance or reporting (financial or non-financial) objectives.
- Collect and analyze complex data, evaluating information and systems, and drawing logical conclusions.
- Perform risk analysis of functions and activities to determine the nature of operations and the adequacy of the system of internal control to achieve established objectives.
- Plan, participate in/or execute assigned SOX testing and special projects. Preparation of SOX plans, scheduling and communications.
- Work closely with clients' business, technical and project teams.
- Provide oral or written presentations to clients and management during the audit and at the conclusion of each audit or special project.
- Prepare formal written reports for each audit as directed by the Senior Manager, expressing an opinion on the adequacy of the internal control structure and its ability to support the goals and objectives at the client.
- Perform technical reviews of application controls to identify new/emerging risks and evaluate the impact of these risks within the overall control environment.
- Work on multiple projects simultaneously and manage priorities to meet deadlines.
- Conduct special purpose or consulting assignments.
- The selected individual must be a self-starter, have the capability to lead, start and complete assignments with the help of a team, be part of a team, or individually as needs to be and work closely with middle and senior level management in order to meet engagement objectives.
Qualifications - Bachelors or Masters in Accounting and/or Computer Science or related areas.
- CISA, CIA, CFE, CISSP, CRISC, CRMA, ITIL or COBIT are highly preferred certifications.
- 3 or more years minimum general Internal/IT control experience. Internal Control and experience with SOX 404a/b are key.
- Experience working in an IT audit, security, system or network administration or similar position is highly preferred.
- Knowledge of and experience in utilizing various methodologies and frameworks, including IPPF, ITAF, COBIT, COSO, ITIL, PCI, ISO 20000 and or ISO 27001/27002 is highly preferred.
- Knowledge of management information systems terminology, concepts, and practices.
- Technical knowledge and experience in administration or assessment of firewalls, LAN, WAN, operating systems (Windows and Linux), databases, SaaS and other technologies highly preferred.
- Experience in assisting with the creating of assessment/audit programs.
- Experience with planning and project management.
- Experience in using CAAT, such as ACL or IDEA.
- Proficient in MS Word, Excel (advanced), PowerPoint, Access and Visio.
- Ability to work independently under general supervision with considerable latitude for initiative and independent judgment.
- Effective verbal and written communications, including active listening skills and skill in presenting findings and recommendations.
- Ability to establish and maintain harmonious working relationships with co-workers, staff and clients, and to work effectively in a professional team environment.
- Ability to multi-task.
- Comfortable working multiple projects simultaneously.
- Work ethics and ability to maintain independence and objectivity at all times.
