Sr Systems Auditor (IT Support)
GuideWell
Job Description
<p>The Sr. Systems Auditor is a member of the Internal Audit department who focuses primarily on information technology risk. As an individual contributor, the candidate will assist the Systems Audit management team in conducting IT risk audits including analysis of application, OS and DB security; internal security architecture, vulnerability process, data privacy and other supporting IT processes. They will analysis of key risks and controls in related processes, test program development and execution, results reporting, and tracking of relevant issue remediation activities. </p><h3>What You'll Will Be Doing</h3><ul><li>Support the risk analysis function through the information-gathering process, assessment of supporting technologies, and development of the audit program. Collaborate with Audit team management regarding audit program development. </li><li>Perform research on technologies included in the scope of audits, identifying assessment focus areas based upon risk analysis. </li><li>Execute key control testing through detailed analysis of various technical environments including operation systems, databases, network components and devices, and the related IT processes to manage those environments. </li><li>Communicate with audit stakeholders regarding audit process and activities, artifact request management, risks, and audit results. </li><li>Track auditee remediation plans adopted to mitigate significant risks.</li><li>Lead most aspects of the project lifecycle for assigned audit engagements including preliminary risk assessment and related technical research, project management, communication with audit team and business stakeholders.</li></ul><h3>What We Require</h3><ul><li><p style="margin-bottom: 0px; margin-top: 0px;">3+ years related work experience in technology audit experience, IT system administration or related technical controls experience </p></li><li><p style="margin-bottom: 0px; margin-top: 0px;">Related Bachelor’s degree or additional related equivalent work experience Information Systems, Computer Science or related field</p></li><li><p style="margin-bottom: 0px; margin-top: 0px;">Experience in auditing, administering and/or performing other risk assessment functions for a variety of technical platforms, such as operating systems, databases, networks, firewall systems, web services and/or cloud services. </p></li><li><p style="margin-bottom: 0px; margin-top: 0px;">Experience documenting key processes, risks, control objectives and controls in narrative and process flow formats. <br>Strong written and verbal communication skills. </p></li><li><p style="margin-bottom: 0px; margin-top: 0px;">Experience managing concurrent engagements / workstreams, prioritize and validate </p></li><li><p style="margin-bottom: 0px; margin-top: 0px;">Ability to work towards the Certified Information Systems Security Professional (CISSP) and/or Certified Information Systems Auditor (CISA) designation. </p></li><li><p style="margin-bottom: 0px