Senior Internal Auditor
Share
Job Location:
Overland Park, KS - USA
Monthly Salary:
Not Disclosed
Posted on:
10 hours ago
Vacancies:
1 Vacancy
Department:
Job Summary
Description
The SR Internal Auditor (IT) is responsible for executing and at times leading assigned information technology audits under the direction of the Internal Audit Manager. This position will participate in audits that include a wide array of technology processes such as cloud migration and operations information security operations infrastructure design and management software development lifecycle business continuity and disaster recovery planning etc. The primary focus of this position will be assisting in the execution of the annual audit plan including financial audit engagements such as the integrated audit and SOX (testing of IT General Controls and financial application controls) and other information technology-related operational audits and reviews.
Responsibilities
With general guidance conduct risk-based audits including all aspects of the audit lifecycle including risk assessment planning client coordination fieldwork data analysis workpaper documentation reporting and remediation validation with direction from senior team members.
Audit engagements will have a strong focus on information technology and information security controls including evaluation of the design and effectiveness of internal controls. Auditor will also focus on the integration of IT and business process risk considerations within the audit process.
Evaluate key information security risks including confidentiality integrity and availability of technology components through review of security operational processes such as vulnerability management penetration testing security logging and monitoring security incident response and defense in depth strategies.
Ensure audit testing work papers are documented in a consistent and high quality manner while executing project tasks in adherence to established timelines.
Reviews work completed by outsourced resources as needed.
In coordination with the Internal Audit Manager evaluate root cause factors for audit testing exceptions and recommend practical solutions that reduce risk and strengthen business process and controls.
Monitors open audit issues and reviews remediation activities implemented by Management.
Demonstrate an understanding of IT managed processes including technology architecture system build and provisioning configuration management performance monitoring incident management change management user access management disaster recovery etc.
Information security operations including vulnerability management penetration testing centralized log management customized security monitoring/alerting threat intelligence practices and security incident response
Application security including secure coding practices segregation of duties and least privileged access concepts
Integration of business process controls with supporting technologies. Business process workflow documentation including identification of key risks and the corresponding business and technology controls
Systems development project management and change management
IT and cloud infrastructure design management and operations
Business continuity and disaster recovery
SOX and SSAE18/SOC control testing
Demonstrate strong project management and execution skills including prioritizing tasks balancing workload anticipating next steps and adapting to change.
Tailor project approaches based on areas of key risks; critically evaluating audit procedures to maximize the value of each audit project.
Effectively communicate risks requirements audit findings and recommendations verbally and in writing.
Collaborate with management and senior leadership to improve internal controls and processes.
Support Internal Audits brand within the company through meaningful relationship building.
Travel as needed (<10%)
Audit engagements will have a strong focus on information technology and information security controls including evaluation of the design and effectiveness of internal controls. Auditor will also focus on the integration of IT and business process risk considerations within the audit process.
Evaluate key information security risks including confidentiality integrity and availability of technology components through review of security operational processes such as vulnerability management penetration testing security logging and monitoring security incident response and defense in depth strategies.
Ensure audit testing work papers are documented in a consistent and high quality manner while executing project tasks in adherence to established timelines.
Reviews work completed by outsourced resources as needed.
In coordination with the Internal Audit Manager evaluate root cause factors for audit testing exceptions and recommend practical solutions that reduce risk and strengthen business process and controls.
Monitors open audit issues and reviews remediation activities implemented by Management.
Demonstrate an understanding of IT managed processes including technology architecture system build and provisioning configuration management performance monitoring incident management change management user access management disaster recovery etc.
Information security operations including vulnerability management penetration testing centralized log management customized security monitoring/alerting threat intelligence practices and security incident response
Application security including secure coding practices segregation of duties and least privileged access concepts
Integration of business process controls with supporting technologies. Business process workflow documentation including identification of key risks and the corresponding business and technology controls
Systems development project management and change management
IT and cloud infrastructure design management and operations
Business continuity and disaster recovery
SOX and SSAE18/SOC control testing
Demonstrate strong project management and execution skills including prioritizing tasks balancing workload anticipating next steps and adapting to change.
Tailor project approaches based on areas of key risks; critically evaluating audit procedures to maximize the value of each audit project.
Effectively communicate risks requirements audit findings and recommendations verbally and in writing.
Collaborate with management and senior leadership to improve internal controls and processes.
Support Internal Audits brand within the company through meaningful relationship building.
Travel as needed (<10%)
Qualifications
A degree in Computer Information Systems along with Accounting or Finance is highly desired
2-4 years of IT Audit Experience Required
A professional certification such as Certified Information Systems Auditor (CISA) Certified Public Accountant (CPA) or Certified Internal Auditor (CIA) is preferred
Experience with internal control frameworks including COBIT PCI DSS NIST Sarbanes-Oxley and ITIL is preferred
Experience with technology infrastructure specifically AWS/Azure/GCP cloud security network devices UNIX/LINUX Windows SQL Server and Oracle database platforms
Public Accounting experience is strongly preferred
Establish and build effective relationships; ability to be flexible in audit approach as a partner to external auditors and internal management
Strong communication skills with an ability to tailor communications to different audiences
Pursues work with enthusiasm energy drive and team collaboration
Hybrid work environment
2-4 years of IT Audit Experience Required
A professional certification such as Certified Information Systems Auditor (CISA) Certified Public Accountant (CPA) or Certified Internal Auditor (CIA) is preferred
Experience with internal control frameworks including COBIT PCI DSS NIST Sarbanes-Oxley and ITIL is preferred
Experience with technology infrastructure specifically AWS/Azure/GCP cloud security network devices UNIX/LINUX Windows SQL Server and Oracle database platforms
Public Accounting experience is strongly preferred
Establish and build effective relationships; ability to be flexible in audit approach as a partner to external auditors and internal management
Strong communication skills with an ability to tailor communications to different audiences
Pursues work with enthusiasm energy drive and team collaboration
Hybrid work environment
Required Experience:
Senior IC
Key Skills
- Auditing
- Data Analytics
- COSO
- IT Auditing
- Accounting
- Visio
- Analysis Skills
- COBIT
- SOX
- Financial Analysis
- Financial Modeling
- Internal Audits
About Company
Tyler offers public sector software solutions designed specifically for the unique needs of state, local, and federal government organizations and school districts.
