IT Auditor

MUST HAVE SKILLS:

1) IT SOX Audit/Controls testing experience,

2) Technical security assessments (network/infrastructure layer)

3) BIG 4 (Highly preferred)

4) Certifications (i.e. CISA, CISSP, CRISC).

Qualifications
• Bachelor’s degree in Computer Science or related field, or equivalent work experience
• 3years of general IT experience, including IT security or IT risk management experience
• Utility Industry Experience

• Big 4 experience
• Demonstrated experience with Sarbanes Oxley or National Institute of Standards and Technology (NIST) SP800-53 security controls catalog.

At least one existing certification from the following list, which must be currently maintained and valid: certification:
• Cisco Certified Networking Associate (CCNA)
• Certified Information Systems Auditor (CISA);
• Certified in Risk and Information System Control (CRISC);
• Certified Internal Auditor (CIA);
• Certified Information Systems Security Professional (CISSP);

Knowledge, Skills, and Abilities

• Strong oral and written communication skills
• Strong analytical skills
• Understanding of application, database, network and systems security
• Understanding of general computing controls (GCCs)
• Able to identify complex control gaps
• Understanding of generally applicable and accepted auditing standards and framework (e.g. COBIT) and best practices for IT services management (e.g., ITIL), regulatory standards and requirements (e.g. Sarbanes Oxley Act, NERC CIP v5)
• Excellent planning, organizational, and project management skills
• Able to multi-task projects or assessments
• Ability to work with minimal supervision in a fast-paced environment
• Detail oriented
• Background in process development and process improvement