One of Esteemed's clients is seeking an IT Auditor for a Direct Hire job opportunity!
Location Designation: Hybrid
This position will play a role in all phases of IT audits, including planning, scoping, control assessment, test design and execution, and reporting. The position will be based at the Company’s headquarters in New York City and expected to follow a hybrid schedule of on-site and remotely. The position will report directly to a Corporate Vice President on the IT audit team. The role focuses on technology audits and advisory services, as well as integrated audits within the insurance, agency, investments, and corporate functions universe. This position will also be responsible for assisting with ongoing risk assessment and continuous monitoring activities.
Specific responsibilities include:
- Participate in planning, scoping, and executing IT audits using department methodology under the direction of the audit in-charge. Independently lead walkthroughs with stakeholders, formulate risks, and controls, and execute testing to address the risks in alignment with the scope including designing test attributes, determining sample sizes, and evidence requirements.
- Work closely with the operations audit teams to understand business processes and associated application controls as part of integrated audits. Participate in planning, scoping, and executing integrated audits with the operations audits teams as needed.
- Communicate efficiently with clients during audits and articulate scope, evidence requests, testing rationale, follow-ups, and audit findings outlining risk and root cause. Contextualize findings in terms of risk to the company/strategy and any downstream cross-functional effects.
- Provide timely updates on audit status and early indication of findings to the audit in-charge along with suggested next steps. Proactively seek tasks and independently manage time to align with available capacity. Independently execute multiple concurrent priorities alongside audits such as issue validation, stakeholder relationship management, department initiatives, etc.
- Coordinate with other control functions in the Company to provide a seamless experience to business and technology stakeholders. Leverage information from first- and second-line assurance functions to reduce repetitive work and touchpoints with stakeholders.
- Participate in ongoing departmental audit planning and risk assessments and complete planning deliverables in accordance with department standards. Assist in risk-assessing technology plan areas using gathered inputs and professional judgment.
- Participate in data analytics efforts to identify insights to support a focused approach to scoping and risk assessment on audits and department planning.
- Provide oversight and guidance to junior team members by helping them understand risks and controls, audit execution, department methodology, and industry standards. Guide them in test execution and review their work to provide timely feedback.
- Stay up to date on relevant industry, technology, and regulatory matters through self-education and department-supported training. Gain an understanding of the Company’s business and priorities.
- Actively provide inputs and adapt to rapid changes in the department and Company. Demonstrate ability to quickly pivot and make level-appropriate decisions independently while keeping their team and manager informed.
- Travel 10% - 15% domestic and international, in addition to occasional travel to offices in the tri-state area.
- Minimum of three to five years of IT auditing experience. Experience within either Internal Audit or relevant Big 4 consultancy is a plus.
- Knowledge of multiple IT environments (e.g., Windows, UNIX/Linux, Mainframe, AWS) and areas (e.g., cybersecurity, information security, access management, data protection, etc.) is desirable.
- Experience with Data Analytics software such as Tableau is a plus.
- Good understanding of relevant regulations, industry standards, and frameworks (e.g., SSAE 18/SOC, SOX, COSO, COBIT, ITIL, ISO27001, NIST) and best practices and methodologies to address these requirements.
- Good understanding of relevant regulations such as NYDFS, HIPAA, and GLBA.
- Bachelor’s degree in information systems, Accounting, or other quantitative discipline preferred (other bachelor’s degrees may be considered)
- Currently holds or is committed to pursuing professional audit certification such as Certified Information Systems Auditor (CISA)
- Proven ability to multi-task, complete projects on time and budget, and adjust to changing priorities. Ability and desire to learn quickly, be flexible, and think strategically.
- Strong communication (i.e., verbal and written) and interpersonal skills with the ability to influence change.
- Enthusiastic, self-motivated, effective under pressure, and willing to take personal responsibility/accountability