PAY SCALE: $81,400.00 - $85,000.00 ANNUALLY
GENERAL DESCRIPTION :
Under the direction of the Manager – IT Audit and Data Analytics, responsible for coordinating and executing general and information technology audits including operations, applications, operating systems, database systems, host systems (teller platform), PC security systems, network systems, and telecommunications. This includes working with information technology personnel to identify risks, and to collaborate with management on observations and recommendations to strengthen controls, draft reports with observations and recommendations, and document work performed. Will also serve as an internal audit staff resource on operational, financial and compliance audit assignments impacted by information system risks and/or IT controls and data integrity. Must demonstrate collaborative nature in working with client and team members to communicate and develop mitigation strategies to address risks identified.
TASKS, DUTIES, FUNCTIONS:
- Work collaboratively with IT audit team and management to determine and establish appropriate audit scope and control objectives for the areas under review. Evaluate the systems of control to determine the areas of highest risk using accepted risk management techniques. Develop audit plans that utilize allocated hours and resources to address high exposure areas within audit scope.
- Execute IT audit engagements on schedule to deliver timely and accurate results.
- Maintain a thorough understanding of state and federal laws and regulations related to credit union compliance including consumer protection regulations, bank secrecy and anti-money laundering laws, and all other laws and regulations appropriate to the position.
- Design and execute IT audit programs to validate relevant control objectives, document the results, and report to management regarding the adequacy of their internal controls.
- Identify audit issues, develop collaborative audit recommendations, and assist in drafting audit reports under limited supervision.
- Provide independent evaluations of IT controls, security, policies, and procedures.
- Perform and coordinate follow-up testing to determine if management has taken action to mitigate risks identified.
- Develop client relationships and foster an environment of collaboration and teamwork.
- Provide assistance and training to other operational and compliance audit staff members in the technical aspects of IT systems and controls.
- Assist external auditors and regulators in their annual reviews and examinations as needed.
- Prepare work papers, observations, and reports following department standards, under supervision.
PHYSICAL SKILLS, ABILITIES, AND EXERTION UTILIZED IN THE PERFORMANCE OF THESE TASKS:
- Frequent use of personal computer to prepare and analyze audit data.
- Effective oral and written communication skills required to complete audit reports and analysis and to make oral presentations to Management, and staff.
- Must possess sufficient manual dexterity to skillfully operate an on-line computer terminal and other standard office equipment, such as financial calculators, personal computer, facsimile machine, and telephone.
ORGANIZATIONAL CONTACTS & RELATIONSHIPS:
- INTERNAL: All levels of management and staff, and the Supervisory Committee.
EXTERNAL: External auditors, regulators/examiners, and peer groups.
QUALIFICATIONS:
- EDUCATION: Bachelor’s Degree in Accounting, Finance, Information Systems, or a related field.
EXPERIENCE: 2 years or more of audit experience preferred with at least 1 year of relevant IT audit experience. Experience with presenting and reporting audit results to management strongly preferred. Previous IT audit experience in the financial services industry strongly preferred. KNOWLEDGE/SKILLS: Working knowledge and experience with general computer controls including Change Management, Access and Security, and IT Operations a must. Experience with incident management and response, disaster recovery, business continuity, data management and integrity, vendor management, IT project management, systems development and implementation methodologies, networking, and cybersecurity preferred. Familiarity with PCI compliance requirements a plus. Familiarity with COBIT and COSO methodology a plus. Working knowledge of FFIEC guidance and National Institute of Standards and Technology (NIST) strongly preferred. Strong written and oral communication skills required. Some knowledge of Internal Audit software, Teammate and Data Analytics preferred. Strong knowledge of Microsoft Office suite of tools, including Visio required.
PHYSICAL REQUIREMENTS:
- Prolonged sitting throughout the workday with occasional mobility required.
- Corrected vision within the normal range.
- Hearing within normal range. A device to enhance hearing will be provided if needed.
- Occasional movements throughout the department daily to interact with staff, accomplish tasks, etc.
LICENSES/CERTIFICATIONS: Relevant professional certification preferred. Pursuit of Certified Information Systems Auditor (CISA) or Certified Information System Security Professional (CISSP) acceptable. Pursuit of Certified Internal Auditor (CIA) or Certified Public Accountant (CPA) or equivalent is acceptable.
THIS JOB DESCRIPTION IN NO WAY STATES OR IMPLIES THAT THESE ARE THE ONLY
DUTIES TO BE PERFORMED BY THIS EMPLOYEE. HE OR SHE WILL BE REQUIRED TO
#J-18808-Ljbffr