Sr. IT Auditor
The Senior IT Auditor will drive IT audits, IT risk assessments, IT Control metrics and reporting, to ensure systems compliance with applicable regulatory requirements, as well as WOW! IT policies and procedures. This position will run multiple work-streams, lead IT internal audit projects, and external audit integration (including PCI, SOX, SOC 1 and 2, NIST, etc.), build and lead data analytics, and other audit techniques, assist with professional development activities, build strong relationships. You should come with dynamic energy and we would love it if you shared our Core Values. We truly believe in Respect, Integrity, Spirit of Service and Accountability. What are you waiting for? You can apply now and we will get in touch as soon as possible. We are excited to learn more about you. What you will be doing:
What were looking for: Education:
- Responsible for monitoring, auditing, and reporting on internal control design, and operating efficiency, across complex information systems, platforms, and operating procedures.
- Responsible for adherence to established timelines, risk-based prioritization methodology, planning procedures, fieldwork procedures, and reporting procedures.
- Leads and coordinates IT audit procedures to ensure compliance with corporate mandates including: SOX 404, PCI DSS, NIST, SOC 1 and SOC 2 reporting requirements.
- Dives into the details of technical business processes and practices to identify internal control deficiencies, and ensures the timely implementation of corrective actions are implemented to drive-down risk. Acts as a trusted advisor to key stakeholders and process owners.
- Gathers, analyzes, and reports data documenting internal control processes over financial reporting, payment card processing, etc.
- Coordinates efforts across multiple departments to ensure audit requirements are met within required timelines.
- Works with external and internal auditor(s) in the interpretation and monitoring of IT controls to ensure accurate scope and scrutiny are applied. Participates in testing and interacts with external auditors as needed.
- Establishes upward and downward information flow that is essential for the communication and reporting of critical risks throughout the organization.
- Builds automated audit/data analytic procedures and metrics where feasible.
- Conducts security research to keep abreast of latest security issues, advances, and changes. Utilizes knowledge of the current IT environment, technology trends and advancements, and communicates this information to the GRC team and leadership through written correspondence and verbal presentations to drive down risk and identify efficiencies.
- Strengthens internal control framework, through improved Policies, Procedures, and Training.
- Responsible for applying strong project management skills, inspiring teamwork, responsibility, and accountability with engagement team members, and using current technology and tools to enhance the effectiveness of deliverables and services.
- Data analytic, and reporting metrics and trends experience required.
- Bachelor's Degree in Computer Science, Information Security, Management Information Systems, or related field required
- CPA, CA, CISA, CISSP, CISM, CBCP, CIA or CFE certification preferred
- 4-7 years of forward-thinking experience in IT Audit and/or Information Security.
- Must possess strong knowledge of IT organization business processes and systems (IT Security, data management, architectural and planning, technology lifecycle management, regulatory concerns).
- Must have experience testing and evaluating effectiveness of IT general controls (change management, logical access, IT operations)
- Working knowledge of Payment Card Industry Data Security Standards (PCI DSS), and Sarbanes-Oxley Act of 2002 (SOX).
- Demonstrates and promotes commitment within teams, to live and work by the WOW! Core Competencies which include Customer Focus, Accountability, Situational Adaptability, Collaboration, and Effective Communications.
- Prior experience in public accounting.
- Prior HIPAA/SOC2 experience.
- Experience in Agile project methodologies.
- Working knowledge of COBIT 5, NIST CSF, and ISO 27000 series frameworks is preferred.
- Technical knowledge of operating systems and databases, including AS400, Windows, Unix/Linux, Oracle, SQLServer is preferred.
- Proficient with Microsoft Office applications (Word, Excel, PowerPoint, Access, Visio)
- Familiar with data analytic and automated audit techniques
- Familiar with agile project management practices and principles
- ServiceNow GRC preferred
- SQL knowledge preferred
WOW is an Equal Opportunity Employer/Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Religion/Gender Identity employer