Sr Auditor – IT Controls and Compliance

To Apply for this Job Click Here

Job Title: Sr Auditor – IT Controls and Compliance 
Location: Hybrid: Miami, Florida 
Job-Type: Contract-to-Hire
Referral Bonus: $+/-120 Month

Summary of Position:

The IT Auditor conducts audits of the information technology control design and effectiveness in accordance with authoritative sources including Sarbanes Oxley (SOX); Control Objectives for Information and Related Technology (COBIT); National Institute of Standards and Technology (NIST); and/or International Organization of Standards (ISO). Manages audits, projects, activities, and remediation plans to mitigate information technology and security risks. Assesses the information technology control environment and recommends enhancements and improvements to control activities, measures, and routines.

Responsibilities

• Conducts internal information technology audits and rigorous control self-testing programs to ensure controls are designed adequately and working effectively to mitigate information technology and security risks within agreed policies, procedures, standards, and risk limits

• Audits, assesses, and ensures that controls and processes are in place to adequately manage information technology risks in alignment with business priorities.

• Serves as a subject matter expert on information technology policy, standards, and frameworks, bridging the gap between control requirements, technical issues, and business risks.

• Proactively researches changes in the industry, IT governance, and the external risk compliance landscape.
• Ensures IT risk management practices are embedded in the enterprise, and that systems and data criticality and sensitivity are defined
• Constructs corrective action plans to resolve control weaknesses and provides guidance to prevent recurrence.
• Delivers key performance indicators on audit issue and control weakness closure rate; conducts testing and validation of remediation plans and control enhancements.
• Engages with appropriate internal security teams to support security-related control testing and remediation efforts.
• Demonstrates effective working relationships with key stakeholders.
• Incorporates business strategy into the decision-making process; mentors less experienced associates.
• Takes ownership in areas of expertise and provides guidance to others.
• Identifies improvement opportunities within their area of responsibility.
• Creates and presents implementation plans for leadership approval.
• Prioritizes work based on business drivers; adapts to changing priorities.
• Communicates effectively, both verbally and in writing.
• Possesses advanced understanding of business and IT strategy/processes in assigned area.
• Participates in discussions on complex business topics and captures process activities and requirements.
• Understands the impact of business changes.
• Performs other job duties as assigned.

Technical Skills

• Strong knowledge of IT areas including cloud computing and security, governance, service management, and authoritative control frameworks.
• Recommends actions for the design and operation of control measures to ensure compliance with IT and security standards, policies, and regulations.
• Knowledgeable in all aspects of the system development lifecycle; influences methodology.
• Provides support and guidance to peers and aligns solutions with IT strategy and standards.
• Advanced proficiency in assigned technical areas; developing broader skills.
• Analyzes requirements and advises stakeholders on technical solutions and controls for new or updated processes.
• Proposes functional designs and solution approaches to meet business needs.
• Independently solves complex problems in core technologies and understands their interdependencies.
• Participates in full system lifecycle management including configuration, data mapping, testing, and training.
• Leads small projects and ensures timely, requirement-driven outcomes.
• Recognizes escalation needs and provides Level 3 support.
• Defines solutions in alignment with IT strategy.
• Experienced in systems analysis and development, including specification, design, testing, and documentation.
• Proficient in Excel (VLOOKUP, XLOOKUP) and able to write and read SQL scripts for data queries

Educational Requirements

• 8+ years of technical audit and/or related governance experience with working knowledge of IT governance, quality assurance, and/or security risk assessment.
• Demonstrated audit experience in IT, cloud security, and related compliance and control measures.
• Knowledge and experience auditing IT and Cloud Security controls in accordance with SOX, COBIT, NIST, ISO, or other recognized standards.
• Preferred certifications: CCSP – Certified Cloud Security Professional, Microsoft Certified: Azure Fundamentals & Solution Architect.
• Strong knowledge of ITIL and service management principles.
• Knowledge of critical control environments related to security architectures, systems, and infrastructure.
• Excellent communication and program management skills.

To Apply for this Job Click Here