PURPOSE OF THE POSITION:
The Senior Information Technology Auditor assists the IT Audit Manager in executing the internal audit plan. The Senior IT Auditor will participate and/or lead multiple engagements or projects focused on IT risk assessments, IT audits, SOX compliance, and other IT-related projects and initiatives. The Sr. IT Internal Auditor will act as a first-line application system and information technology resource for Internal Auditors.
(Top 5 should cover 80% of the important job functions)
- Assist the IT Audit Manager in the planning and execution of complex IT and integrated audits by testing controls associated with applications, system operations and supporting infrastructure including scheduling, processing, input/output, systems flow, automated controls and edits, data storage, and security procedures to ensure the integrity of information processing systems.
- Develop comprehensive risk-based internal audit programs, plan audits and execute fieldwork.
- Prepare work papers documenting procedures performed and that fully support audit findings.
- Ensure audit conclusions are based upon a complete understanding of the process, circumstances, and risk to the organization.
- Recommend improvements that are relevant, practical, and effectively address and corrects areas of control concern and communicate findings to process owners.
- Assist in the preparation of Internal Audit reports which include formal recommendations to management for review and implementation.
- Track and follow up on audit findings.
- Perform walkthrough and testing procedures on SOX IT controls (ITGCs and application controls), document testing results, communicate findings to the process owners and management, and audit follow-up to ensure remediation/implementation of recommendation.
- Coordinate management's review of SOC reports.
- Establish working relationships with IT and business units at various levels to identify and understand process changes or system implementations that are relevant to SOX compliance.
- Offer assistance and act as a resource/mentor to the Internal Auditors when needed.
(other important duties/responsibilities)
- Collaborate and coordinate with the external auditor on the IT SOX strategy and testing to optimize reliance opportunities.
- Assist in the utilization of technology based audit tools to support audit work, such as ACL, IDEA, SQL, R, etc. and may assist in the design of data analytics to support internal audits.
- Identify and implement ideas for improving department processes and procedures
- Maintain up-to-date knowledge of changes to relevant guidance (e.g., Sarbanes-Oxley Act of 2002 and PCAOB Audit Standards, PCI DSS, GDPR, etc.).
- Remain current and increase knowledge in the areas of auditing, relevant IT systems and applications, related technologies, and internal audit assessment methodologies and frameworks (COSO, IPPF, COBIT, NIST, ISO 27000-series) utilizing self-study and/or continuing education.
- Perform other job responsibilities and duties as assigned by department leadership.
- Bachelor's degree in Information Systems, Computer Science, or a related discipline.
- At least 3 years of meaningful experience in IT auditing to include at least 1 year of Sarbanes-Oxley experience.
- Exposure to COSO and COBIT principals and practical hands-on experience evaluating risk and developing internal audit programs.
- Excellent communication skills, both oral and written; able to express complex ideas in simple terms; well-developed interpersonal skills, including the ability to challenge; very strong analytical and quantitative skills; ability to rapidly assimilate knowledge of processes and systems.
- Strong organizational and time management skills; ability to independently complete and manage multiple assignments with varying deadlines.
- Possesses strong intellectual curiosity and business acumen. Must be a self-starter.
- Proficiency in Microsoft Office applications.
- Ability to work additional hours as needed and travel up to 10% required.
PREFERRED KNOWLEDGE, SKILLS, OR ABILITIES:
- CPA or CISA certification is highly desirable.
- Food service industry experience.
- Experience using or auditing ERP systems, LINUX and Windows operating system environments.
- Experience in data analytics.