Sr IT Controls and Compliance Auditor

Our client, a real estate technology company in Miami, FL, is in need of a Senior IT Controls and Compliance Auditor for a three-month contract-to-hire position. Working initially in a hybrid model of three days/week onsite, then onsite daily once a full-time employee, this position will lead an audit team and create an audit program. The Auditor will review SOC 1 and 2 reports, create certifications to validate the decisions of reviewers, help train reviewers on SailPoint, and support the DSAR process.

Responsibilities:

• Conducts internal, information technology audits and rigorous control self-testing programs to ensure controls are designed adequately and working effectively to mitigate information technology and security risks within agreed policies, procedures, standards and risk limits.
• Audits, assesses and ascertains that controls and processes are in place to ensure that information technology risks have been adequately managed and in line with business priorities.
• Serves as a subject matter expert on information technology policy, standards and framework and proactively bridges the gap between control requirements, technical issues and business risks.
• Proactively researches changes in the industry, information technology governance and external risk compliance landscape.
• Ensures information technology risk management practices are embedded in the enterprise and that systems and data criticality and sensitivity are defined.
• Constructs corrective action plans for resolution of control weaknesses and provides expert guidance on how to avoid and prevent similar situations in the future.
• Delivers key performance indicators on audit issue and control weakness closure rate. Conduct testing and validation of remediation action plans and enhancements to control routines.

Required skills:

• 8+ years of technical audit and/or related governance experience with working knowledge of information technology governance, information technology quality assurance, and/or information security risk assessment
• Must have experience with DSAR process
• Must have experience with Disaster Recovery and Business Continuity

Strong identity/access management experience, preferably experience with SailPoint

Knowledge and experience auditing Information Technology and Cloud Security controls in accordance with SOX, COBIT, NIST, ISO, etc.

Strong Excel skills - VLOOKUP, XLOOKUP, Macros, etc.

Excellent communication and program management skills

Experience with AuditBoard preferred

CISA certification highly preferred