IT Auditor

OVERVIEW AND REPORTING RELATIONSHIP

This person will also be called upon to assist management with enterprise risk assessment and annual audit plan development.

REPORTING STRUCTURE & WORK SETTING

Position reports to Manager, IS Audits, as part of within Cybersecurity. This position will be located in Manila, Philippines in our Global Business Center.

OTHER REPRESENTATIVE DUTIES

• Evaluates IT general controls (ITGC) including user access, information security, systems development life cycle (SDLC), change management, data center / physical security, data backup and recovery, business continuity, and associated risk exposures.
• Completes Financial Reporting Control (SOX) test work and documentation.
• Performs risk-based audits of information systems, operating systems, and operating procedures.
• Assists with audit evaluations to provide reasonable assurance that risk management, control, and governance systems are functioning as intended and can enable the organization to meet its goals and objectives.
• Evaluates automated system controls including authentication and authorization, and other controls to support privacy and security of sensitive data.
• Stays abreast of advances in technology and IT auditing techniques; regularly share knowledge with staff and audit management; effectively interact with various levels of internal management.
• Identifies emerging issues and recommend solutions to IT Audit & Compliance Management. Provides risk assessment input.
• Assists in maintaining documentation of deliverables, current procedures and internal system-specific knowledge.

QUALIFICATIONS:

• Bachelor’s degree or equivalent work experience required
• 5-7 years of business experience with Big Four audit background preferred
• A minimum of 5 years’ experience in a role performing IT audit work
• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP) (preferred)
• Certified Information Security Manager (CISM) (preferred)
• Other combinations of education, experience, or training that may be considered in substitution for the minimum requirements

SPECIALIZED KNOWLEDGE, SKILLS & ABILITIES:

• Must be fluent in English
• The ability to identify/assess business process and IT risks, design appropriate audit steps and plan, execute and wrap up audits
• Good working knowledge of SOX, HIPAA and HITECH/ISO principles, concepts and practices
• Strong interpersonal skills and excellent organizational skills
• Self-motivated, able to work in a team and independently
• Detail oriented, able to multitask and meet deadlines
• Advanced knowledge of PowerPoint and Excel
• Visio proficiency in documenting process workflows would be an asset
• Familiarity with audit tools would be considered an asset
• Experience working in cross-departmental teams and leading efforts through collaboration and influence.