Senior IT Auditor

Recruit & Employ is actively seeking a dynamic candidate for the role of:

Senior IT Auditor

An IT auditor can also be involved in the planning and execution of internal audit procedures and the creation of internal audit reports. An auditor must work within a team to create a solid information technology infrastructure, and collaborate with clients to devise and put in place policies and procedures regarding network security issues.

Responsibilities:

• Interact with key functional and technical client personnel and work with other consulting team members to perform the following IT controls assessment and audit activities:
• Review IT policies/procedures and perform Process Walkthroughs to identify and document relevant systems, IT general controls and IT Application controls.
• Provide inputs on the annual risk assessment and plan development
• Identify control weaknesses, help assess their impact, and discuss practical solutions with management
• Collect supporting client artifacts (such as system security plans, vulnerability assessment reports, etc.
• Map current IT controls and supporting artifacts to a predetermined IT Controls Set
• Develop and execute IT controls test plans in order to assess (test) the design and operational effectiveness of current IT controls & supporting artifacts against the IT Controls Set
• Produce and maintain detailed work papers of control test activities and results, and Identify and document IT internal control deficiencies and provide clear and concise recommendations to client management regarding the elimination or mitigation of control deficiencies.
• Execute audits by analyzing, testing and evaluating the entity’s control environment by using a blend of traditional sampling and automation.
• Document audit testing and conclusions; organize and reference work papers

Qualifications and Skills:

• Bachelor’s degree in Information Technology, Business Management, Finance or related field
• Minimum of 4 years in an IT Auditor or IT Risk Management role is required
• Sound understanding of IT risk management concepts including but not limiting to IT infrastructure controls, cyber security controls, application controls, IT general controls
• Experience working with operating systems, databases and applications such as UNIX/LINUX, and database management systems such as Windows Server, Oracle and SQL.
• Data analytics skills
• Previous experience working in a large complex environment is preferred
• Solid analytical, problem solving, organization, and project management skills