Senior IT Auditor

Responsibilities:

• Conducts internal, information technology audits and rigorous control self-testing programs to ensure controls are designed adequately and working effectively to mitigate information technology and security risks within agreed policies, procedures, standards and risk limits
• Audits, assesses and ascertains that controls and processes are in place to ensure that information technology risks have been adequately managed and in line with business priorities
• Serves as a subject matter expert on information technology policy, standards and framework and proactively bridges the gap between control requirements, technical issues and business risks
• Proactively researches changes in the industry, information technology governance and external risk compliance landscape
• Ensures information technology risk management practices are embedded in the enterprise and that systems and data criticality and sensitivity are defined
• Constructs corrective action plans for resolution of control weaknesses and provides expert guidance on how to avoid and prevent similar situations in the future
• Delivers key performance indicators on audit issue and control weakness closure rate
• Conduct testing and validation of remediation action plans and enhancements to control routines
• Engages the Enterprise Security Office as appropriate in support of security related control testing and remediation as warranted
• Incorporates business strategy into decision making process; Mentors less experienced associates on strategies
• Takes ownership within area of expertise; Provides guidance to others
• Identify opportunities to make improvements within their area of responsibility
• Creates and presents implementation plans approved by senior leadership

Primary Skills :

* Strong awareness and knowledge of the following areas of information technology: cloud computing and security, governance, service management, and security authoritative sources providing control and control measurement best practices
* Ability to provide recommended actions toward the design and operation of control measures and routines to ensure compliance with information technology and security standards, polices and applicable regulations
* Knowledgeable in all aspects of system development lifecycle; Influences methodology
* Aligns solutions with IT strategy and standards
* Advanced proficiency in assigned area; Building skills in multiple areas
* Proposes functional designs, alternatives, and solution approaches to meet specific requirements
* Independently solves complex problems in core technologies; Understands interrelationships with other areas
* Demonstrate effective working relationships with key stakeholders
* Proficient in Excel VLOOKUP and XLOOKUP; Write and read SQL scripts for data searches
* Prioritizes work based on business drivers; takes ownership of changes in priority
* Excellent communication skills, both verbal and written