IT Auditor CISA, CISSP - Winston Salem, NC

Modis | Winston Salem, NC

+ Apply + Search More Jobs Share/Save/BookmarkShare / Email

Sr  IT Auditor - Internal Audit.   Full-time, 40 hour per week.
Job Summary: Seeking experienced, highly self-motivated IT auditor for Sr. Information Technology Auditor position, part of the Audit & Compliance function serving both University and the Medical Center (and subsidiary organizations).    The Senior IT Auditor works with a wide variety of management and staff while performing independent systemic audits of IT systems and processes in both academic and healthcare settings. Reviews may include assessments of administrative, physical and technical controls in place to ensure the integrity, confidentiality, and availability of information resources, and ensure compliance with regulatory requirements affecting the University and Health system.
Education / Experience:   Bachelor's degree from an accredited college or university, or equivalent education, certification and experience.  Three (3) years of experience in information technology (IT) auditing, public accounting IT audit/advisory services, information security, or closely related experience in an IT or audit function required. Experience in a health system or university setting preferred.  Minimum 4-5 years of experience in information technology (IT) auditing strongly preferred.  The ideal candidate has extensive working knowledge of information technology, IT controls frameworks and IT auditing practices. Skilled user of tools such as ACL, IDEA, Activedata, and Excel for analytics. Strong communication skills essential.
Licensure, Certification, and/or Registration:   Certified Information Systems Audit (CISA) and/or Certified Information Security Systems Professional (CISSP) required, or must be achieved within 1 year of hire.
Essential Functions:   
1.  Assists the Information Technology  (IT) Audit Manager with the preparation and execution of the University?s and the System?s annual audit work plan, prepared based on risk assessments conducted with senior administration and other key University and System leaders. Conduct daily activities in the completion of the annual audit work plan, which includes audits relating to information technology but may overlap into operational and financial areas.
2.  Creates planning memos and resulting complex and/or unique audit programs to ensure scope is appropriate and objectives are focused.  Determines testing methodology.
3.  Coordinates and conducts testing of internal controls to evaluate their effectiveness.  Analyzes University and System IT process, technology and internal controls for potential concerns related to compliance with laws, regulations and IT control best practices. Assesses identified concerns through the collection and interpretation of data. Assists in review of University and System usage of information technology, protection of assets, and the efficiency and effectiveness of operations. Compiles, monitors, analyzes, evaluates and audits complex and/or unique information technology data. Ensures assigned reviews are completed timely.
4.  Helps address University and System issues that are identified through scheduled audits, regulatory changes, or internal/external parties.   Advises University and System leaders on action plans to address the issue and monitors the resolution.  Such issues could include system vulnerabilities, access controls, change management, fraud and misappropriation of assets, or other internal control failures.
5.  Communicates concerns and the results of reviews effectively to affected department leadership and other interested parties, including senior administration.  Monitors the results of reviews and conducts follow-up reviews to validate the successful implementation of corrective action plans to address identified issues.  Assists the IT Audit Manager in communicating issues and their resolution to leadership. Maintains communication and collaborative working relationship with CIO?s, IT Security Officers, and other IT management and staff to address risks, audit schedule and scope.
6.  Maintains an expert knowledge of IT control standards and internal control guidance, and extensive working knowledge of information technology, and current issues related to information security and compliance with standards, laws and regulations.   Researches issues raised by faculty and staff and coordinates with the Corporate Compliance Office, Financial Services, Legal Affairs, and other University and System departments to answer  questions related to identified concerns.  Maintains an expert knowledge of Computer Aided Audit Tools (CAATS) in order to independently retrieve and analyze data.
7.  Reviews University and System policies related to complex and/or unique internal controls governing information technology.  Reviews University and System policies in conjunction with the Compliance Office in an effort to ensure the University and System is in compliance with rules and regulations governing their activities.
8.  Consults, as requested, with University and System Information Technology personnel, and operational and financial administration on internal control aspects of business practices and policy and procedure development, implementation and monitoring.
9.  Performs investigations confidentially and competently as requested by management, triggered by Hotline calls, or any other circumstance.
10. Assists in the development and delivery of training to educate System faculty and staff regarding Information Technology control policies and procedures.
Skills & Qualifications:  
Skilled in interpersonal relation and able to interface at all levels
Ability to work with management
Excellent communication, including verbal, written, and listening skills
Strong analytical abilities
Ability to expertly use computer software including CAATS, MS Office, and VISIO.
Extensive working knowledge of information technology and auditing standards.
Ability to act as a leader, team player and facilitate groups.
Work Environment:  
Clean, office environment
Some local travel required
Occasional exposure to medical settings

Job Type: Full Time
Employment Type: Employee
Wage: $80,000.00 to $85,000.00 Annual

Feedback Form