Associate Manager, IT Audit

Storm Search is hiring for an Associate Manager, IT Audit for a WELL Known client!

THIS ROLE IS ONSITE WITH NO RELOCATION: MUST BE A US CITIZEN-THERE IS NO SPONSORSHIP

Key Responsibilities:

1. IT Audit Planning and Execution:

• Assist in developing the IT audit plan to ensure the organization’s IT systems, policies, and procedures align with regulations and internal controls.
• Perform audits to assess risks and identify areas of improvement in IT operations, including infrastructure, data management, cybersecurity, and software applications.

1. Risk Assessment:

• Conduct risk assessments to determine the vulnerabilities in IT environments.
• Help identify areas of potential fraud, mismanagement, and operational inefficiencies.

1. Compliance and Security:

• Ensure compliance with regulations like SOX (Sarbanes-Oxley), GDPR, PCI DSS, HIPAA, etc.
• Evaluate cybersecurity controls, including network security, data protection, and user access controls.

1. Report Generation:

• Prepare audit reports that detail findings, risks, and recommendations.
• Provide actionable insights to management for improving IT processes and controls.

1. Collaborating with Other Teams:

• Work closely with other departments, such as IT, legal, finance, and operations, to gather relevant information and ensure a holistic approach to audits.
• Communicate audit findings clearly to senior management, stakeholders, and external auditors when necessary.

1. Audit Follow-ups:

• Track the implementation of corrective actions and improvements from previous audits.
• Conduct follow-up audits to ensure that management has addressed identified risks.

Key Skills:

1. Technical Knowledge:

• Strong understanding of IT systems, networks, databases, cloud platforms, and enterprise software.
• Knowledge of IT frameworks and standards, such as COBIT, NIST, ITIL, and ISO 27001.

1. Regulatory Compliance:

• Familiarity with industry standards and regulations governing IT, security, and privacy (e.g., GDPR, PCI DSS, SOX, HIPAA).

1. Audit Tools:

• Proficiency in using audit software and tools like ACL, IDEA, or automated testing tools to perform audits.

1. Communication and Reporting:

• Excellent written and verbal communication skills to convey audit findings and recommendations to stakeholders at all levels.
• Strong report-writing and presentation skills.

1. Problem-solving:

• Analytical skills to identify risks and vulnerabilities in IT systems and processes.
• Ability to propose effective solutions to mitigate risks.

Qualifications:

• Educational Background: Typically, a bachelor's degree in IT, Computer Science, Accounting, Business Administration, or a related field.
• Certifications: Professional certifications can enhance credibility and are often required, such as:
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Internal Auditor (CIA)
• Certified in Risk and Information Systems Control (CRISC)