IT Senior Auditor - Controls Assurance & IT Compliance

Every day Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit debit prepaid and merchant services. Our worldwide team helps over 3 million companies more than 1300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.

Summary of This Role

The Senior IT auditor will be responsible for managing the execution of SOC1 and SOC2 audits over the Merchant business on prem and cloud-based products and services as part of the companys SOC project portfolio. This position will also play a key role in the execution of the related SOC 1 and SOC 2 reports. As a liaison for external auditors that issue the reports and internal IT and business teams the Senior Auditor ensures comprehensive project management and execution of the SOC 1 & SOC 2 audit requirements as well as in coordination with the SOX IT Audit program manager elements of the companys SOX IT program.

What Part Will You Play

• Works with internal business leaders to understand the current mainframe distributed and cloud environments to document controls in support of SOC and SOX scope.

• Works with external audit firms to ensure documented controls meet SOC 1 and SOC 2 framework requirements.

• Works with the Controls Assurance (CA) team to lead testing (including both executing and reviewing control testing) of new controls in alignment with Internal Audit ASG) and C A testing and documentation standards.

• Works with existing Controls Assurance team members to assess the current control environment and assess controls as translated into the new environments to ensure consistent control coverage between current and future state.

• Fosters and maintains strong relationships throughout the company to support audit execution responsibilities. Viewed as a partner with IT and business leaders to understand the business and assist in designing and delivering the required audit services to meet business customer and regulatory requirements.

• Establish trusted relationships to support delivery of effective successful and well-received audit services. Considered a go-to leader within the organization regarding risk and control matters.

• Ensures SOC reports support our customers use of Global Payments solutions by understanding Global Payments businesses and the integration of product/service operations and technology that impact internal controls supporting our clients financial data processing and information security environments.

• Conduct assurance reviews and audits to evaluate the design and effectiveness of controls supporting the companys business processes and information systems.

• Lead and execute all aspects of the audit process including planning risk assessment controls identification client coordination fieldwork data analysis work paper documentation reporting and remediation validation with direction from senior team members.

• Understand business and IT processes to identify risks and evaluate internal controls.

• Document thorough understanding of business processes including the role of technology in supporting the process. Effectively perform testing of automated business process controls and IT general controls.

• Identify new and assess existing information technology control design and operating effectiveness particularly related to application and infrastructure logical access change management and operations as well as more common information security considerations.

• Evaluate root cause factors extent of risk and mitigating/compensating controls for audit testing exceptions and work with internal leaders to craft management responses for SOC reporting..

• Provides first level of detail review of work paper documentation to ensure audit testing work papers are documented in a consistent and high quality manner while executing project tasks in adherence to established timelines.

• Partners with the project manager to assess the adequacy of the corrective action(s) taken by management stakeholders or process owners to improve governance risk management and control issues.

• Tracks and reports project status and milestones to project leadership and/or management.

• Discusses audit results their impact and recommendations for corrective actions with the project manager external audit partners and/or management.

• Build and develop ASGs brand within the company through meaningful relationship building.

• Coordinate audit activities with management co-source providers and external auditors.

• Enable continuous improvement of ASG by identifying and communicating enhancement opportunities to department leadership.

• Support the development of other team members within ASG.

What Are We Looking For in This Role

Minimum Qualifications

• 3-5 years of relevant audit and risk management experience.

• Knowledge of auditing principles and practices and the analysis and reporting of audit information. knowledge of IPPF Standards IIA best practices auditing principles and practices as well as the analysis and reporting of audit information.

• Bachelors degree in Accounting Auditing Business Management Information Technology or other similar degrees.

• Significant experience and expertise with common internal control frameworks and guidance including Sarbanes-Oxley SSAE 18 (SOC 1 and SOC 2 both type 1 and type 2 reports) and 2017 AICPA Trust Services Criteria for a SOC 2.

• CIA CISA CISM CISSP CCAK CPA or other relevant certification(s).

• Big Four audit experience preferred.

• 10-15% travel requirement including some international travel.

Preferred Qualifications

• Experience with multiple internal control frameworks including NIST Cloud Controls Matrix AWS Cloud Adoption Framework COBIT FFIEC PCI-DSS ISO27001 and ITIL

• Big Four or similar firm audit experience.

• Card Issuing Payment Processing Financial Services industry Merchant Acquiring and Consumer and Business Financial Solutions experience

What Are Our Desired Skills and Capabilities

• Audit and/or consulting experience in all these areas:

  • Cloud security framework auditing

  • Mainframe auditing including IT infrastructure design management operations and security

  • SOC 1 and SOC 2 requirements project management control testing and best practices

  • SOX IT control testing and regulatory requirements

  • Information and data security for payment card data and publicly-identifiable information

  • General IT control testing including IT infrastructure design management and operations

  • Operational and financial control testing

• Ability to work in a complex fast-paced and dynamic environment.

• Ability to identify controls and create and execute test plans with little to no prior year documentation for newly identified controls.

• Ability to think dynamically about ad-hoc reporting and project oversight deliverables to create meaningful reporting for internal leadership and external clients.

• Demonstrates project management and execution skills including prioritizing tasks balancing workload anticipating next steps and adapting to change.

• Strong communication and presentation skills with an ability to tailor communications to different audiences.

• Prepare clear concise and accurate documentation and audit reports.

• Pursue work with enthusiasm energy drive and team collaboration.

• Establish and build effective and trusted relationships.

• Collaborate with management and senior leadership to strengthen the companys internal controls and processes.

• Partner with ASG team members to adopt and optimize audit processes and technology.

• Proactively communicate issues with ASG external audit and internal stakeholders and obtain agreement on audit findings and practical recommendations with control owners prior to presentation to management.

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race color religion sex (including pregnancy) national origin ancestry age marital status sexual orientation gender identity or expression disability veteran status genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website please contact .