Senior Information Systems Auditor

Overview

Job Summary 

The Senior IS Auditor works closely with the Information Services and Analytics functions of the organization. Individuals in this role will perform audits of technology controls, provide advisory services where new technologies or processes are being implemented, and participate in groups seeking to establish enterprise technology standards. At this time we are following a remote/in office hybrid model. Candidates must reside in the Charlotte, NC area or be willing to relocate.

Who Should Apply 

Candidates with experience conducting audits of complex technology environments, or with IT operations experience in the areas of Information Security, Identity and Access Management, Information Governance, or Network Engineering. Candidates should be familiar with common frameworks like COBIT, NIST CSF, ITIL, and ISO series.    
 
Job Duties 

• Design and execute audit procedures to monitor risks to the confidentiality, integrity and availability of information and infrastructure systems
• Partner with management to understand emerging risks related to systems integration and adoption of new technologies
• Responsible to engage with management on action planning to address risks noted in reviews and issue periodic reports to management 
• Collaborate with operational, fraud, and investigations auditors to provide technology insight or advice for audits and projects 

 
Essential Functions 

• Demonstrates authority, credibility and ethical conduct including individual conformance to The Institute of Internal Auditor's Code of Ethics and competency through continuing professional development. 
• Responsible for managing engagement-level client relationships and developing communication strategy 
• Summarizes and develops engagement conclusions, identifies residual risks, and formulates recommendations 
• May provide project supervision on an individual engagement basis, including assessment and reporting on staff performance as well as mentoring staff on improvement opportunities 
• Develops engagement work programs, proposes budget, milestones, and assignments 
• Determines the objectives, evaluation criteria and scope of engagements assigned as part of the overall plan 
• Responsible for project administration of assigned engagements (code of conduct, internal and external meeting scheduling, budgets, milestones) 
• Completes risk assessments, including prioritizing key risks and controls at the engagement level 
• Recognizes types of fraud, fraud risks and red flags for fraud 
• Recognizes if governance and oversight of an area being audited is insufficient to address identified risk 
• Collaborates on the design of the audit results communication plan for engagement 
• Designs and executes follow up procedures to verify that management actions have sufficiently addressed the risk 
• Determines and applies analytical review techniques at the engagement level. Responsible for proposing analytics that can be used on a continuous basis. 
• Evaluates the relevance, reliance and sufficiency of potential sources of evidence. 
• Prepares workpapers and documentation 
• Utilizes control frameworks to evaluate risk and controls and recommend improvements to the organization's internal control environment 
• Identifies authoritative sources relevant to audit engagements and performs sufficient research to inform the engagement plan 
• Uses and applies technology solutions in audit engagements 

 
Physical Requirements 

Work involves travel to and from the office to other facilities within the System as well as to companies with which the System does business. Majority of the day is spent working on the computer, which can involve prolonged sitting. Work requires the ability to work under pressure and meet deadlines. 
 
Education, Experience and Certifications 

Bachelor’s Degree in a related field is required. Relevant professional certification, license, or advanced degree is preferred. Minimum of 3 to 5 years of related work experience in healthcare, internal auditing, consulting or advisory services or a related field. Proficient in the use of Microsoft Office tools (Outlook, Word, Excel, PowerPoint, Teams, SharePoint, Visio). Familiarity with analytical software.