JOB POSTING: IT Auditor - Internal Audit
Full time, Benefits Eligible
We are seeking a IT Auditor who will be responsible for planning and conducting IT audits to evaluate hospital IT systems, functions and security, network, etc. to include diverse and complex information technology environments, operating systems, and applications. This person will be able to evaluate the design and operating effectiveness of application controls, perform security audits, risk analysis, application-level vulnerability testing and compliance reviews to determine if functional areas are conducting operations in accordance with applicable laws, regulations, contract/grant provisions, and established policies and procedures The work also involves providing consulting services to the organization's management and staff; and providing input to development of the annual audit plan. The IT Auditor maintains all organizational and professional ethical standards and works under limited supervision with moderate latitude for initiative and independent judgment. The IT Auditor completes all internal audit work in compliance with The IIA's International Standards for the Professional Practice of Internal Auditing (Standards).
Why Nationwide Children’s Hospital
The moment you walk through our doors, you can feel it. When you meet one of our patient families, you believe it. And when you talk with anyone who works here, you want to be part of it, too. Welcome to Nationwide Children’s Hospital, where Passion Meets Purpose.
Here, Everyone Matters. We’re 12,000 strong. And it takes every single one of us to improve the lives of the kids we care for, and the kids from around the world we’ll never even meet. Kids who are living healthier, fuller lives because of the knowledge we share. We know it takes a Collaborative Culture to deliver on our promise to provide the very best, innovative care and to foster new discoveries, made possible by the most groundbreaking research. Anywhere.
Ask anyone with a Nationwide Children’s badge what they do for a living. They’ll tell you it’s More Than a Job. It’s a calling. It’s a chance to use and grow your talent to make an impact that truly matters. Because here, we exist simply to help children everywhere.
Nationwide Children’s Hospital. A Place to Be Proud
What Will You Be Doing?
- Performs IT audits such as information security and IT infrastructure, network, etc . Some audits will be integrated audits encompassing both technical and business process aspects.
- Assists in developing processes, analytics, and techniques to enhance the performance of technical audits using IDEA.
- Manages the planning process, from initiation and information gathering to assessment of process risks, drafting of the audit approach, entrance and exit conferences, monitor results and make recommendations on issues detected, while managing time budgets for projects.
- Assists in identifying and evaluating the organization's IT risks and access controls associated with information system strategy and provides input to the development of the annual audit plan.
- Participates in new system development projects, system enhancements, and data analysis projects consistent with maintaining a strong internal control environment.
- Conducts interviews, reviews documents, develops and administers surveys, composes summary memos, and prepares working papers.
- Identifies, develops, and documents audit issues and recommendations using independent judgment concerning areas being reviewed.
- Communicates or assists in communicating the results of audit and consulting projects via written reports and oral presentations to management.
- Develops and maintains productive client and staff relationships through individual contacts and group meetings.
- Pursues professional development opportunities, including external and internal training and professional association memberships, and shares information gained with co-workers.
- Performs related work as assigned by audit management.
- Makes recommendations on ways to improve audit processes.
What Are We Looking For?
To fulfill this role successfully, you must possess these minimum qualifications and experience:
- Bachelor's Degree in Information Systems, Computer Science, Accounting.
- Minimum five years IT audit, security risk or IT operations.
- Profession certification such as CISA or CISM is preferred.
- Audit related experience in networking and multiple host platforms. Network and application security design and vulnerability assessment experience is a plus.
- Knowledge of IDEA or ability to work with data mining tools.
- Previous healthcare experience desirable.
Must also have the following demonstrated knowledge, skills, and abilities:
- Knowledge of information security standards (ITL, NIST, ISACA, ISO 17799, HITRUST) as well as COBIT or IT best practices, IIA standards of the profession and ability to recognize applicability.
- Demonstrate sound knowledge of IT and IT control concepts leading various types of IT audits.
- IT knowledge should include an understanding of system development lifecycle, project planning, disaster recovery, operating systems, knowledge of business applications development, and an understanding of IT operations and technology support.
- Knowledge of SOX , data privacy and related regulatory requirements.
- Knowledge of management information systems terminology, concepts, and practices.
- Knowledge of industry program policies, procedures, regulations, and laws.
- Familiarity with the common indicators of fraud.
- Skill in conducting quality control reviews of audit work products.
- Skill in collecting and analyzing complex data, evaluating information and systems, and drawing logical conclusions.
- Skill in planning, time management, organizational and technical skills and in maintaining composure under pressure while meeting multiple deadlines.
- Skill in negotiating issues and resolving problems.
- Computer skills, including word processing, spreadsheet, systems documentation, audit packages, and other business software to prepare workpapers, reports, memos, summaries, and analyses.
- Strong communication skills with the ability to interface with both technical experts and management. Ability to articulate technical issues in terms of business risk.
- Ability to establish and maintain harmonious team-oriented working relationships with co-workers, NCH staff, and external contacts, and work effectively in a professional team environment.
Minimum Physical Requirements:
MINIMUM PHYSICAL REQUIREMENTS
- Sitting Frequently (34-66%)
- Talking on phone/in person Frequently (34-66%)
- Typing on keyboard Constantly (67-100%)
- Standing/walking Frequently (34-66%)
- Lifting up to 25 lbs. Occasionally (0-33%)