Senior IT auditor
Clark Davis Associates · Morristown, NJ, United States
About The Role
- Auditing
  o Perform SOX IT testing for the Company’s operating units.
  o Formulate recommendations to improve internal control processes, work programs and other SOX compliance efforts, as appropriate.
  o Follow up on outstanding action points within an agreed timetable and ensure that all issues are closed in a timely fashion.
  o Scope of audits may include any of the following:
    - IT general controls – testing of change management, security administration, computer operations, physical security, and other relevant IT general controls
    - Information Security – execution of audits to ensure compliance with Information Security standards
    - Financial Audit Assistance – support financial and operational internal auditors by extracting and analyzing data from financial systems using software tools such as IDEA.
- Business Unit Assistance:
  o Provide advisory services to business units relative to the design of application controls and security-related controls for system implementations with a view to building in internal controls that are commensurate with the size and complexity of the operations.
  o Work on special technology-related projects for business units, as requested.
- Communication:
  o Participation in internal planning meetings and regular communications within the Internal Audit Department.
  o Regular contact with the VP and SVP of Internal Audit and communication of plans and activities.
  o Regular contact with business unit IT management and maintenance of knowledge of business unit plans and strategies.
- BA/BS degree in Management Information Systems, Computer Science, or related field
- 3+ years of working experience in Information Security, IT audit and/or IT SOX Compliance
- Solid operational understanding of Identity and Access Management technologies and methodologies across multilayer and multi-technology networks, systems, applications and databases.
- Operational knowledge of infrastructure technologies and diverse operating systems (e.g., virtualization, z/OS, z/VSE, UNIX/Linux and Windows platforms), network security devices (e.g., firewalls, intrusion detection and prevention systems, proxies, network taps), and relational databases (e.g., Oracle, Microsoft SQL, AS400, DB2, IBM Mainframe)
- Understanding of Information Security industry auditing tools (e.g., CIS Benchmarking Tool, Rapid7, Symantec Control Compliance Suite (CCS))
- Solid understanding of Backup and Recovery best practices and methodologies as well as the industry technologies utilized (e.g., NetBackup)
- Conceptual understanding of PCI, ISO/IEC 27000 series, ITIL and COBIT standards, European data protection, IT infrastructure and processes, IT governance, project management, principles of internal controls
- Ability to independently evaluate controls over security processes, infrastructure, network, applications and databases according to established timetables and requirements
- Security and Audit certifications (e.g., CIPP, CISSP, CISM, or CISA) are desirable
65-95k plus bonus
This listing was posted by a verified recruiter at Clark Davis Associates.