The primary responsibilities of the IT Auditor are assisting with planning and carrying out audit assignments within the Information Technology (IT) area. The individual should be creative as well as a strategic thinker proficient in addressing information technology and business issues. This requires a thorough understanding of Internal Audit’ s philosophy and audit process. The individual must be hands-on, bring a proactive approach to the role, as well as being results oriented and maintain a sense of urgency. This role requires experience in communicating with all levels of management and, as necessary, the Audit Committee, Regulators, parent Bank auditors and the Bank’ s External Auditors.
Under the supervision of the Auditor or immediate manager, the individual will work independently or as part of a team.
- Survey functions and activities in assigned areas to determine the nature of operations and the adequacy of the system of control to achieve established objectives.
- Determine the direction and thrust of the proposed audit efforts.
- Plan the approach (sampling, etc.) and scope of the audit and prepare an audit program.
- Identify areas of risk and key control points of the systems and operations.
- Evaluate a system’ s effectiveness through the application of knowledge of business systems, including financial, operational, compliance, and other operations, and understanding of auditing techniques.
- Perform audits in a professional manner and in accordance with the approved audit program and methodology.
- Prepare acceptable working papers which record and summarize data on the assigned auditable entity.
- Obtain, analyze and appraise evidentiary data as a basis for an informed, objective opinion on the adequacy and effectiveness of the system and the efficiency of the activities being reviewed.
- Make oral or written presentations to management during and at the conclusion of the examination, discussing deficiencies, recommending corrective actions and suggesting improvements in operations and reductions in cost.
- Prepare formal written reports, as requested, expressing opinions on the adequacy and effectiveness of the system and the efficiency with which activities are carried out.
- Appraise the adequacy of the corrective action taken to improve deficient conditions through effective follow-up activities.
- Perform Continuous Auditing responsibilities scheduled by the Auditor and/or immediate manager, as necessary.
Requires a Pro-Active individual who recognizes the need for excellence, accountability of performance, conscious of budget and time constraints, flexible with change and strives todeliver a quality product.
- Bachelor’ s Degree or equivalent with a major in Information Systems or other related IT discipline.
- Four to seven (4-7) years of auditing experience, preferably in related industry.
- Excellent verbal, written, communication and analytical skills
- Ability to work independently or as part of a team.
- In depth experience with performing infrastructure and security reviews.
- Experience in performing application, change management and development reviews.
- Thorough knowledge of the following platforms: Windows, Linux, Exchange, VMWare, SQL, Oracle, IIS, WebLogic, JBoss and Apache.
- Solid understanding of Business Continuity/Disaster Recovery as well as Risk Management functions.
- Familiarity with various governance frameworks and standards, such as COBIT, NIST and ISO
- Certification (i.e. CISA) is preferred, but not required.