IT Auditor

Robert Half is seeking an IT Audit consultant for a project-based role. The project will be Hybrid in the West Metro.

Responsibilities include:

• Perform control testing through observation, collection and analysis of evidence of control performance against defined policies, guidelines, or laws
• Evaluate control design meets the objective and mitigates risk
• Assess control language and business line procedures to ensure alignment
• Lead process inquiries, walkthroughs and procedure reviews to support the development of QA test work papers
• Collaborate with Control Owners, Risk Analysts and subject matter experts to define evidence, populations, and discuss results of testing
• Validate populations of desired activity for accuracy and completeness
• Select test samples based on internal program methodology and document rationale for adequate coverage
• Lead test result discussions with business line management and risk partners related to identified exceptions, criteria used to define expected results, and actions needed/recommended
• Perform peer reviews of completed testing
• IT audit, governance, risk or compliance
• Bachelor’s degree in computer science, Management Information Systems, Cybersecurity or related discipline, and approximately 3+ years’ work experience in technology audit, information security engineering, IT governance risk and compliance or related areas preferably within the technology industry
• Strong understanding of cybersecurity processes and concepts (e.g. vulnerability management, security governance, software development, incident response, physical security, auditing and logging, micro segmentation, secure access service edges, zero trust architecture, PKI, penetration testing) as well as application controls
• Experience in auditing, compliance, and/or risk management with cloud operations, network, infrastructure, and security preferably related to Amazon Web Services
• Experience in auditing, compliance, and/or risk management with Data Privacy regulations (GDPR, CCPA, HIPPA and others), third-party data risks, and data protection
• Knowledge and experience with professional standards including NIST Cybersecurity Framework and COBIT
• Excellent communication skills in both written and verbal forms; previous experience in writing internal audit reports, preferred
• Strong analytical, interpersonal and communication skills
• Strong skills in project management