Senior IT Auditor

Information Technology
in Tampa
, FL
Reference: 19-02246

Roles and Responsibilities: 

  • Identify relevant IT, operational and financial risk associated with the development, operation and use of IT
  • Identify IT risks and help to evaluate the efficiency and effectiveness of the IT infrastructure including general, application, operation, and security controls as well as IT related risks within individual audit areas
  • Perform reviews/audits of IT general controls, application controls, information security, operating systems, systems development life cycles, database structures and functions, Local Area Networks (LANs), telecommunications, pre- and post-implementations of application systems, corporate business continuity processes, and disaster recovery plans
  • Review completed audit reports and analyses for completeness of preparation and conformance with audit program guidelines and professional auditing standards
  • Obtain and review evidence ensuring audit conclusions are well-documented
  •  Identify and communicate issues raised, offering recommended solutions relevant to business and risk
  • Ensure audit conclusions are based on complete understanding of the process, circumstances, and risk
  • Perform special projects and consulting services, as needed
  • Participate in IT initiatives and represents the Internal Audit Department, as needed
  • Attend meetings and communicate effectively with departmental officials or officials in external organizations, as needed
  • Represent the department in outside meetings and conferences, as needed
  • Participate in decisions relating to changes in auditing policies and procedures within the Department
  • Create and maintain detailed workpaper including internal control documentation, flowcharting, and test work
  • Keep informed on law opinions, rules, regulations, standards and related information pertaining to internal audit, information technology, and information security and actively participate in relevant industry and professional networking groups
  • Ensure adherence to applicable Authority, Department, and professional policies, procedures, and standards
  • Comply with continuing professional education requirements of the department and any professional certifications held and keep up to date on current research, trends, and best practices relevant to the area of responsibility
  • Serve as the technology champion within the Department
  • Perform other related duties as required

Job Requirements:

  • Graduation from an accredited four year degree granting college or university with a major in Management Information Systems, Information Technology, Accounting, Finance, Business Administration or Public Administration
  • Possession of one of the following certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified ISO/IEC 27001 Lead Auditor, Cybersecurity Forensic Analyst Certification (CSFA)
  • Three years of IT auditing experience
  • Certified Public Accountant (CPA) or Certified Internal Auditor (CIA) designations are a plus
  • An equivalent combination of education, training and experience that would reasonably be expected to provide the job-related competencies noted below

Additional Details:

  • Experience auditing ERP environments (Oracle experience desired)
  • Experience with pre- and post- implementation reviews/audits
  • Experience providing risk-based IT auditing and/or IT risk advisory / consulting services
  • Experience auditing large-scale IT business environments, network operating environments, application controls, systems development, user-developed applications, general IT controls, and network, cyber and mobile security
  • Working knowledge of Government Auditing Standards (Yellow Book) and/or IIA Standards (Red Book)
  • Working knowledge of PCI DSS requirements
  • Working knowledge of COBIT, ITIL, or COSO frameworks
  • Understanding of IT environments to include infrastructure and applications
  • Understanding of encryption and end point security
  • Knowledge of IT security threats, risks, and vulnerabilities
  • Experience with electronic audit workpaper software is preferred (AutoAudit desired)
  • Experience with data analytics and data mining tools
  • Ability to analyze data to identify hidden trends or issues (Experience with IDEA is a plus)
  • Excellent intellectual curiosity, analytical and critical thinking skills
  • Strong listening skills and ability to identify gaps in logic (inquisitive)
  • Ability to flourish in a fast-paced, complex environment and willing to adapt to change
  • Ability to proactively research business best practice concepts in order to apply as appropriate
  • Understanding of financial reporting processes, and security and control for the following technologies and/or enterprise applications: Windows, Linux, Oracle, SQL Server databases, networks, etc.
  • Ability to analyze and interpret accounting data and devise audit procedures and techniques
  • Ability to oversee the preparation of complete and accurate audit reports and statements, including those of a complex nature
  • Ability to communicate effectively and persuasively, both verbally and in writing
  • Performs work assignments with objectivity and integrity
  • Ability to plan, organize and analyze data and make logical conclusions and identify the underlying cause of an issue raised
  • Ability to identify sensitive issues and facilitate communications in a proactive manner to avoid surprises
  • Strong organization and follow-up skills including the ability to handle competing priorities and meet deadlines and commitments
  • Ability to lead follow-up of responses for assigned projects, evaluate the adequacy of the corrective action, and plan for follow-up testing
  • Ability to participate effectively in the formulation of departmental policies and procedures
  • Ability to work as an individual contributor or as a member of a team
  • Ability to work effectively with others, including other auditors, personnel from other departments, and personnel from outside organizations
  • Ability to review workpapers of other team members and provide constructive feedback
  • Intermediate to advanced skills with MS Office suite (Excel, Word, PowerPoint, Outlook)
  • Must be able to maintain confidential information