IT Risk and Compliance Analyst

As an IT Auditor, your role involves planning and executing internal audits in accordance with department and professional standards. You will evaluate risks in auditable areas and develop or adjust audit testing programs to address these risks. Your responsibilities include assessing the design and operating effectiveness of internal controls over various processes such as Workstation Security, Server / OS Operations, Network Operations, Security Operations, IT Asset (Hardware & Software) Management, Database Management, Mobile Device Management, Access Management, Software Development, Cloud Computing, Managed IT Services, Payment Solutions, Core Process Solutions, Cybersecurity, IT Governance / Information Security Program, Incident Response, and peer reviewing workpapers. You may also support Operational or Compliance audit procedures, Third Party (e.g., SOC) or co-sourced/outsourced internal audits, and perform other assigned duties.

• *Key Responsibilities:**
• Plan and execute internal audits
• Evaluate risks and develop audit testing programs
• Assess design and operating effectiveness of internal controls
• Peer review workpapers
• Support Operational or Compliance audit procedures
• Assist with Third Party or co-sourced/outsourced internal audits
• *Qualifications Required:**
• Proficient knowledge of Microsoft Office Applications
• Solid Written and Verbal Communication Skills
• Strong Project Management Skills
• Detail Oriented
• Ability to apply professional judgment and critical thinking
• Experience with data analysis is a plus
• Familiarity with AuditBoard is a plus
• CISA, CISSP, or CCSP certification preferred

In addition, you should have a good understanding of relevant regulations, standards, or frameworks such as Global IA Standards, FFIEC, PCI DSS, NIST CSF. Your competencies should include the ability to assess risk, materiality, and control effectiveness, determine the sufficiency and completeness of evidence, analyze root causes of issues, and effectively interpret and document processes. As an IT Auditor, your role involves planning and executing internal audits in accordance with department and professional standards. You will evaluate risks in auditable areas and develop or adjust audit testing programs to address these risks. Your responsibilities include assessing the design and operating effectiveness of internal controls over various processes such as Workstation Security, Server / OS Operations, Network Operations, Security Operations, IT Asset (Hardware & Software) Management, Database Management, Mobile Device Management, Access Management, Software Development, Cloud Computing, Managed IT Services, Payment Solutions, Core Process Solutions, Cybersecurity, IT Governance / Information Security Program, Incident Response, and peer reviewing workpapers. You may also support Operational or Compliance audit procedures, Third Party (e.g., SOC) or co-sourced/outsourced internal audits, and perform other assigned duties.

• *Key Responsibilities:**
• Plan and execute internal audits
• Evaluate risks and develop audit testing programs
• Assess design and operating effectiveness of internal controls
• Peer review workpapers
• Support Operational or Compliance audit procedures
• Assist with Third Party or co-sourced/outsourced internal audits
• *Qualifications Required:**
• Proficient knowledge of Microsoft Office Applications
• Solid Written and Verbal Communication Skills
• Strong Project Management Skills
• Detail Oriented
• Ability to apply professional judgment and critical thinking
• Experience with data analysis is a plus
• Familiarity with AuditBoard is a plus
• CISA, CISSP, or CCSP certification preferred

In addition, you should have a good understanding of relevant regulations, standards, or frameworks such as Global IA Standards, FFIEC, PCI DSS, NIST CSF. Your competencies should include the ability to assess risk, materiality, and control effectiveness, determine the sufficiency and completeness of evidence, analyze root causes of issues, and effectively interpret and document processes.