Senior IT Internal Auditor

Job Summary

The Senior IT Internal Auditor is responsible for assisting the Internal Audit Manager in preparing an annual IT audit risk assessment for the purpose of developing an IT Audit Plan. Based upon the risk assessment, the Senior IT Internal Auditor performs internal audits of the Company’s information technology and information security policies, procedures, systems, applications, databases, processes and controls. Preferred applicants will reside within a commutable distance to our Marietta, PA office. 

Responsibilities and Duties

• Review policies and procedures in place to maintain the effectiveness of information technology and information security processes and controls
• Assess compliance to defined regulations, frameworks, standards, policies and procedures. Report instances of non-compliance to senior management and provide recommendations for improvement
• Plan and perform IT audits, including risk assessment, audit scoping, audit program development, fieldwork and reporting. This position is expected to provide recommendations for improvement, as applicable.
• Perform annual SOX and operational IT general and application control design and operating effectiveness testing. When issues are identified, communicate issues to management clearly and concisely and work with management in remediating identified control deficiencies.
• Facilitate annual application access review performed by the Company
• Assist the Legal department in the maintenance of and compliance with the data retention policy
• Assist the Internal Audit Manager as requested and in support of the annual internal audit plan and annual external audit
• Consider additional ways to perform continuous auditing and monitoring in an automated environment
• Collaborate with Company IT personnel and project teams on risk identification, mitigation and control/compliance requirements for new systems and/or processes
• Remain current with emerging IT risks, technologies, regulatory requirements and best practices regarding IT governance, risk management and compliance.
• Ensure duties are performed in adherence to all Federal, State, and Local laws and regulations
• Comply with guidelines, policies, and directives outlined in the company handbook and department manuals
• Provide timely, courteous, and quality customer service and communication to internal and external customers
• Clearly demonstrate commitment and participation to team goals and objectives
• Ability to work in a team, build strong working relationships and communicate effectively in written and oral form
• Ability to work independently and effectively manage and prioritize multiple projects with varying due dates and requirements

Qualifications and Skills

• Bachelor’s degree in Computer Science, Information Technology, Accounting, or a related field.
• CISA is preferred. Additional certifications such as CISSP, CIA, CPA, and CISM are desirable.
• 5+ years of experience in IT auditing, information security, IT risk management or related fields. Experience performing audits in various IT environments, including network infrastructure, cloud based applications, cloud computing, and various IT operating systems, networks and databases.
• Strong knowledge of IT governance, risk and control frameworks such as COBIT and NIST.
• Exposure to AuditBoard GRC platform.
• Ability to interface with all levels of management and strong interpersonal skills.