IT Auditor
Job Opportunity at ON-3 LLC

Posted on May 31

http://www.on-3.com    717-456-0477

Location: Harrisburg, PA
Job Type: Full Time
Job ID: W4160843

One of our premier clients is in need of a full-time Information Technology Auditor.  This position reports to the Internal Audit Manager in the Risk Management & Internal Audit Department, and is responsible for performing various audits and advisory work within the information technology environment supporting the Department’s efforts with business process audits as well as external audits.  May also provide supervisory and training support for less experienced auditors, and assist the Manager in coordinating special projects or advisory assignments.
Specific duties include
  • Leads, performs, documents, and reviews tests of controls required for compliance with the NAIC Annual Financial Reporting Model Regulation (AFRMR), also known as Model Audit Rule.
  • Conducts and leads all aspects of the IT and Business audit process to include engagement planning, work plan coordination, risk and control identification, preparation of audit programs to fulfill the audit objectives, testing and analysis of results, and report writing.
  • Responsible for obtaining an in-depth understanding of each business and/or function being audited, identification, and assessment of risks, including understanding the manner in which such risks are controlled and the audit approach required to ensure controls are appropriately designed and operating effectively.
  • Prepares adequate documentation to support the audit work performed and conclusions and is independently able to generate written reports to Management.
  • Discusses audit recommendation and gains consensus with the responsible individuals of the department being audited.Prepares complete, detailed reports on audits and recommends corrective action where control weaknesses exist or where established methods and procedures are not being followed.Evaluates management responses to audit reports, determines acceptability, and independently performs follow-up as required to determine that corrective action has been taken.
  • Able to review the work of other audit staff based on professional knowledge
  • Utilizes data analytics software to extract, survey, and sample data to spot trends and anomalies.
  • Assists with Department’s risk assessment and audit plan development process.
Preferred Knowledge
  • Understanding and work experience in support of IT General Controls audits (Logical Access, Change Control, System Backup, Job Scheduling and Problem Management), IT Security Reviews, as well as exposure and understanding of Service Organization Control (SOC) attestations (1 and 2).
  • Knowledge of SOX-404 or the NAIC AFRMR.
  • Exposure to NIST 800-53, HiTrust, Institute of Internal Auditors standards, COSO, and COBIT.
  • Experience and knowledge in application planning, design, testing, and implementation procedures.
  • Working knowledge of system architecture, IT general controls, and IT security operations.
  • Experience and knowledge in auditing techniques and accounting and control procedures.
  • Exposure/experience with Enterprise Risk Management (ERM) techniques and programs
  • Preferred knowledge of industry standard tools to perform data analysis (e.g. ACL, SAS) and experience documenting workpapers utilizing CCH TeamMate Audit Management System.
  • Expertise in applying IT audit methodologies to analyze large datasets.
Preferred Experience
  • A minimum of two years’ work experience as an Information System Auditor, IT Security Professional, Technology Specialist, or IT Project Manager.
  • Public Accounting experience, Big Four experience is a plus
  • Exposure to Insurance industry and claims processing systems
  • Bachelor’s Degree with concentration in Accounting or Computer Science
  • Certification as an Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Internal Auditor (CIA)
SoftwareEngineer.com is owned, operated, and copyrighted by Career Marketplace (© 2002-2019, All Rights Reserved)