Our Internal Audit department is looking for an IT Internal Audit Senior Analyst to join our dynamic and growing team. This individual will conduct technology focused audits, including integrated audits. He or she will be responsible for evaluating risks and controls for our IT infrastructure, applications and systems, information security, and key business processes and operations. Furthermore, he or she will perform oversight of the company’s audit of Internal Controls by providing guidance related to IT controls and managing internal and external relationships.
- Performs IT General Computer controls audits, infrastructure audits, and integrated reviews as prescribed in the annual Internal Audit Plan
- Perform risk assessments to identify risks relevant to the applicable audit and determine the extent of testing procedures to be performed based on the level of risk defined.
- Identify opportunities to enhance operational efficiencies
- Tracks remediation of audit issues noted in internal audit reports
- Serves as the liaison with IT for IT external auditors and co-sourced consultants
- Effectively communicates audit results, both verbally and in writing, so they are persuasive, placed in the appropriate context, and understood by the recipient
- Effectively interacts with IT personnel, external auditors, consultants, and other company personnel including some interaction with higher level employees
- Performs special projects which are appropriate and relevant to the Internal Audit Department Charter
- Aids business-focused Internal Audit team members with IT testing as necessary
- Strong knowledge of industry standards/frameworks (e.g., SOC/SSAE, COSO, COBIT, NIST, etc.,) and leading industry business practices.
- Understanding of the technological, operational, financial, and compliance risks that affect information systems design, modification, and processing activities
- Knowledge of applications, databases, and operating systems. Familiarity with networking, intrusion detection systems and firewalls
- Information systems auditing skills including ITGCs
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- An ability to effectively influence others to modify their opinions, plans, or behaviors
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
- An understanding of organizational mission, values, and goals and consistent application of this knowledge
- An ability to train business-focused Internal Audit team members on ITGCs and other relevant IT testing criteria
- BS or MS in Information Technology, Computer Science, or a related field
- Certified Information Systems Auditor (CISA) or CISSP certification preferred.
- 4+ years of experience in IT Audit, Information Security, or a related field
- Consulting and/or pharmaceutical industry experience is preferred.