Location Burlington, North CarolinaJob ID 19-79024
Provide Business and IT management with guidance on IT risk management on application and infrastructure security.
Responsible for developing and maintaining the IT Risk Assessment for individual audits
Conduct audits as part of audit team and/or lead audit teams in performance of IT audits and reviews of systems, applications and IT processes. Prepare and report results to executives and Audit Committees. These include;
Perform pre and post- implementation reviews of system implementations or enhancements.
IT security audits (e.g. network, operating system and data center), including evaluating if security vulnerabilities are properly identified and mitigated. Coordinate the scope and performance of these reviews with business units and external security experts.
Evaluate information technology general computing controls and provide value added feedback.
Perform SOX ITGC, Application and interface controls testing, remediation and audit procedures.
Perform various other reviews of IT management policies and procedures such as change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate.
Conduct audits or lead audit teams in operational / financial audits.
Education and Training:
Degree in Finance, Accounting or Computer Science
CISA (Certified Information Systems Auditor) certification preferred.
Understanding of multiple technology domains including software development, Windows, database management, networking, and UNIX (preferred).
Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations.
Managerial, Technical or Professional Experience
Minimum 5+ years of relevant IT Audit experience
Prior position in IT Governance/IT Audit -- internal audit or external auditing firm.
Progressive achievement in one or more of the traditional IT disciplines (applications, operations, infrastructure, and management).
Experience with IT Operations desirable.
Outstanding interpersonal and communications skills; ability to communicate effectively with technical and non-technical audiences.
Expert knowledge of internal auditing, internal controls, risk management, and finance and accounting practices and methods.
Comprehensive understanding of internal control environments within the IT function.
Experience with multiple technology domains including aspects of Windows, Unix and/or database administration, software development and networking.