Senior Internal Auditor - IT

The Senior Internal Auditor - IT independently executes risk-based IT audits, evaluates controls (ERP, SDLC, security, cloud, ITGC), identifies risks and root causes, and develops remediation plans. This role involves SOX compliance, collaborating with stakeholders and external auditors, and driving process improvements. Requires 2-4 years of IT audit/security experience, relevant certifications (CISA/CIA/CPA preferred), and strong analytical, communication, and project management skills.

Primary Duties & Responsibilities

• Based on IT related regulations and business strategy, assist in establishing risk-driven IT audit plan.
• Independently execute IT audit plan, develop audit test program, identify and evaluate risks and internal controls of IT auditable areas, identify root cause of the audit findings, and present to the auditees.
• Examine IT controls, evaluate the design and operational effectiveness, determine exposure to risk and assist business and IT to develop remediation plans.
• Follow-up on IT control deficiencies and improvement opportunities to ensure remediation is undertaken and performed in a timely manner.
• Help facilitate and coordinate audit activities undertaken by external auditors.
• Assist new business units with initial process and control documentation efforts. 
• Evaluate and identify best practices among business units for optimal efficiency, and alignment with organizational policies and business needs. 
• Collaborate effectively with cross-functional teams to implement action plans, enhance business processes and on new guidance.

Education & Experience

• B.S. or B.A. in management information systems, computer science, finance, accounting, or related fields
• Professional certifications of CISA, CIA, and/or CPA, preferred
• Minimum of 2 – 4 years of experience in IT Audit, Information Security or other Computer system related field. 
• Understands SOX reporting requirements and regulations 
   

Skills

• Experience auditing ERP application controls, system development life cycle (SDLC), information security assessments, cloud computing and IT General Controls
• Working knowledge of Oracle and SAP applications
• Understanding of operating systems and network infrastructure components
• Experience performing complex data analysis using Excel and ACL
• Ability to work independently with minimal guidance from supervisor on specific tasks
• Experience with leading multiple projects and meeting established deadlines
• Ability to work cross-functionally and across various levels within the company
• Set a high standard of ethics, professionalism, and competency