The IT Auditor conducts IT audit assignments evaluating the risks and internal control effectiveness of Company’s IT environment. The role is responsible for annual IT SOX (general IT and application controls) and PCI DSS compliance testing. Position offers a rare, balanced mix of compliance and non-compliance projects that provides for a broad IT auditing experience. Non-compliance work driven by periodic IT risk assessments, annual ERM process, and management-requested efforts to ensure projects are relevant and providing value.
Your Key Job Functions
•As a key priority initiates and maintains effective relationships with management and process owners and identifies significant risks and related controls within their business. Seeks to increase customer satisfaction while challenging the status quo and enhancing the Company’s control environment.
•Acts with a sense of urgency with regard to project timelines and risk mitigation. Ensures closure of issues while considering a broader understanding of Company strategy. Grasps complexities, perceives relationships among projects, and includes others in problem-solving efforts. Creates an atmosphere in which timely and high quality information flows smoothly between self and others.
•Performs all activities related to Sarbanes-Oxley Section 404 (SOX) and Payment Card Industry Data Security Standard (PCI DSS) including: risk assessment, scoping, requirement/control documentation, testing of design and operating effectiveness, remediation consulting and testing, project management/status tracking and reporting.
•Understands and evaluates the internal control and risk environment. Conducts complex engagements that are designed to assess the organization’s information technology (IT) risk exposure and recommend any needed enhancements to IT business systems, processes, and controls.
•Supports the Internal Audit department by participating in a variety of projects. Projects may include, but are not limited to, risk-based audits, risk assessments, managed-requested projects covering cybersecurity, data privacy, information security, third party risks, IT operations and system configuration.
•Prepares comprehensive, well-written Internal Audit Reports summarizing the review results. Conducts closing meetings and presentation of IT audit results. Follows-up on status of prior IT audit recommendations to ensure report recommendations are implemented on a timely basis.
•Fosters collaboration between individuals, teams and departments. Participates in and supports culture of receiving and providing priceless feedback to win together.
•Actively pursues learning and self-development. Routinely incorporates in work up-to-date knowledge of the profession and industry.
What You Bring to the Team
•Bachelor’s degree in Accounting, CPA highly preferred. (not required)
•Minimum 3-5 years of IT Internal Audit experience including IT SOX, PCI DSS compliance testing and risk assessment.
•CISSP, CISA, and/or relevant technical certification (not required).
•Possesses strong understanding in the areas of technology infrastructure and information security: Infrastructure (Windows, iSeries/AS400, Linux), Database Architecture (SQL Server, Oracle), Network Devices, and Active Directory.
Expert knowledge of Excel and or a data analytic tool
•Experienced in SOX General IT Controls testing.
•Experience in PCI DSS compliance, cybersecurity and/or information security testing is preferred, but not required.
•Solid understanding of General Computer and Application controls.
•Possesses knowledge of common exploits, vulnerabilities and countermeasures.
•Proven ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff.
•Technical experience as a Database Administrator (DBA), Software Developer/Programmer or Infrastructure role is preferred, but not required.
•A self-starter with strong project management experience with the ability to multi-task and meet project timelines.
•Strong communication skills; comfortable working collaboratively with internal and external partners.
Richard Bower, Technical Recruiter, Judge Technology Solutions
12700 Park Central Drive, Suite 1070 Dallas, Texas 75251
Click to learn more about Judge’s Technology, Talent & Learning Solutions
people powered business solutions