The IT Auditor is responsible for assisting with, and leading challenging and complex information technology audit projects. The IT Auditor reviews, evaluates, and tests business and technology processes to assess risk, internal controls, and overall effectiveness and efficiency. This position offers recommendations on business and technology process enhancements and serves as a business partner/advisor to diverse internal teams and management. In addition, this position leads or participates in a variety of other critical tasks and initiatives, special assurance reviews, continuous audits, fraud investigations, consulting reviews and department process improvement efforts.
location: Kansas City, Missouri
job type: Permanent
work hours: 9 to 5
responsibilities: Job Duties:
- Obtain a thorough understanding of key company processes, significant risks, and control environment of assigned audits.
- Apply IT general control concepts and auditing theories, procedures and techniques to various applications, platforms, databases or operating system environments.
- Organize and assists with conducting annual IT risk assessment.
- Develop work programs based on a risk analysis that incorporates audit risk assessment results, including the key business objectives and risk.
- Survey the function or activities to be audited and prepare detailed process flows and audit programs for use in performing the audit, including both tests of controls and substantive testing.
- Prepare and perform first level review of work papers to ensure audit report (including scope of review and issues) is supported by the work performed.
- Prepare audit reports on the adequacy and effectiveness of internal control systems, accuracy of accounting records, and efficiency of operational activities.
- Support communication of audit results in both written reports and verbal discussions with business owners, management and the Board of Managers.
- Execute audits following appropriate internal audit (IA) departmental policies and guidelines in conducting audits, the standards for the Professional Practice of Internal Auditing, and Institute of Internal Auditors Code of Ethics.
- Respectfully and collaboratively challenge business areas to embrace strong operational and internal control practices by establishing and maintaining positive working relationships with business areas.
- Initiate or support corrective action plans or continuous improvement plans identified through audits, monitoring departmental performance indicators, or by recommendation of Management or the Board of Managers.
- Complete other duties, as assigned.
- 4-7 years of relevant experience through public accounting/auditing firm (Big 4 a plus) and/or experience gained in either the profession and/or a large corporate internal audit, IT audit or compliance department.
- Certified Information Systems Auditor (CISA) or Certified Internal Auditor (CIA) certification or Certified Information Systems Security Professional (CISSP) or can obtain within 1 year of employment.
- Master's Degree in computer science, software engineering, accounting, finance or similar discipline.
- 7-10 years of relevant experience through public accounting/auditing firm (Big 4 a plus) and/or experience gained in either the profession and/or a large corporate internal audit, IT audit or compliance department.
- Current Certification - CISA, CPA, CIA, CISSP or related designation.
- Technology experience with exposure to IT general controls in the following areas: architecture, management, administration, asset management and software licensing, change management, project management, systems development, data center operations, customer/problem management, recoverability, telecommunications and email, systems management (server, desktop, etc), network management, database management, information security management, identity and access management, and physical security.
- Experience with auditing Sarbanes-Oxley controls.
- Infrastructure experience.
- Experience building and designing new audit programs and conducting testing for previously unaudited processes
- Breadth of expertise/knowledge in the relevant fields of auditing, technology, operations, finance or investigations; including demonstrated application of internal audit, controls concepts, standards, methodologies and ERM.
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.