Gravity IT Resources
Job Title: Lead IT Auditor
Location: Deerfield, Florida
Job-Type: Direct Hire
Referral Fee: $800+
This role is a great opportunity for someone who is an experienced IT auditor. In this role you will execute internal audits for IT and other business units as well as integrated IT/process reviews and consultations. A Lead Auditor must have extensive audit experience with specialized depth and / or breadth of expertise in IT auditing. This position conducts internal audits under the general direction of Internal Audit Management and in compliance with audit standards, schedules, and any related statutes. This position creates work programs and may train and assign work to less experienced team members, reviewing work activities and job performance, and counseling subordinates on the conduct of audit work. A Lead Auditor is recognized by business partners as having specialized expertise and recommends standards and long-term goals for the areas audited, as well as methods to improve the operational efficiency of audits. This position may handle sensitive, unusual or complex audits where a broader knowledge of auditing is required. A Lead Auditor is able to work independently and take a broad perspective to identify solutions, requiring guidance only in the most complex situations. This position may conduct preliminary reviews of audit reports completed by less experienced team members and approves or makes recommendations to management. This position requires a professional with a degree, a professional internal audit or related qualification, and at least 5 years of experience.
Responsibilities include, but are not limited to:
- Regular communication / networking with associates at multiple levels throughout the organization for the purpose of ongoing relationship building to facilitate audit work and continuous risk assessment, monitoring, and information gathering.
- At the direction of Internal Audit Management, assist in the completion of the risk assessment process. This includes collaboration with associates in the Second Line and First Line of Defense, conducting interviews, assessing risks identified, and helping develop and present the annual audit plan to Senior Management.
- Planning and conducting audits as assigned by Internal Audit Management and according to internal audit procedures. This includes:
- Maintaining independence and objectivity as described in the Internal Audit Group Charter in order to be able to evaluate the effectiveness of governance, risk management and control processes.
- Leading and coordinating assigned audits and/or projects to ensure timely completion.
- Executing audit planning based on audit objectives. Gather information to identify high/critical risks. Document walk-through procedures and identify key controls and control gaps in either a flowchart or narrative form as appropriate. Develop and present the Risk and Controls Matrix (“RCM”) to Internal Audit Management to facilitate testing.
- Conducting Fieldwork procedures as guided by the RCM. This will include determining the population and sample size for testing and creating test attributes to determine if controls are operating and functioning as designed.
- Documenting test work, audit findings, and conclusions with associated business risks and making recommendations to enhance internal controls and/or identify opportunities for improved efficiencies.
- Presenting audit findings and recommendations to all levels of management.
- Obtaining responses to the audit findings and ensuring the responses address the identified control/process deficiencies.
- Preparing audit reports and other management communications (e.g., Audit Committee presentation slides) that summarize and rank the audit findings and recommendations as well as associated business risks.
- Perform periodic follow-up on audit findings with the business to ensure that all management action plans have been completed timely.
- Build effective working relationships with co-source partners when assigned to co-sourced engagements. This includes acting as the liaison between the co-source partner and business area auditee, assisting in scheduling meetings with the auditee and ensuring that co-source partners receive adequate cooperation and information from the business for them to perform their audit in a timely manner. In addition, meeting periodically with co-source partner to discuss progress, updating Internal Audit Management and assisting in review of the final audit report or other deliverables. Ensure established vendor management procedures for the department are followed.
- Ability to prioritize and work on multiple concurrent audits and projects as requested.
- Complete administrative responsibilities as requested or assigned by Internal Audit Management (e.g., time reporting, system user access reviews, records retention activities).
Competencies of a Lead Auditor:
- In addition to the tasks listed above, a Lead Auditor is expected to exhibit the competencies of a professional auditor outlined in the IIA’s Global Internal Audit Competency Framework. These competencies encompass personal skills such as, communication, critical thinking, persuasion and collaboration, as well as technical expertise, including those highlighted by the IIA Professional Practices Framework such as: business acumen, governance, risks and control.
- Bachelor’s degree in Computer Information Systems, Accounting, or similar major preferred. Master’s degree a plus.
- Active CISA, CPA or CIA is required.
- Minimum five years of IT auditing in public accounting, internal audit, or equivalent work experience required.
- Demonstrated knowledge of the audit field, and a broad expertise in information technology auditing, including the areas of application controls, asset management, change management, data privacy, data protection, disaster recovery and business continuity, logical security, network security, and vulnerability management.
- Understanding of the COBIT, NIST, COSO, and/or COSO ERM frameworks.
- Knowledge of key IT risks, controls, and ability to use technology-based audit techniques. Demonstrated knowledge of project management skills.
- Strong process analysis, risk and control identification and problem-solving skills
- Intermediate computer skills (or above) with emphasis on Microsoft Excel, Word, Power Point and Visio. Experience with TeamMate or other audit management systems a plus.
- Experience with data analysis tools, Excel, Access, Power BI, Microsoft SQL, Alteryx, Tableau, TeamMate Analytics, Arbutus, R, Python or similar tools, is a plus.
- Self-motivated with strong leadership skills and ability to make decisions independently.
- Ability to work both independently and as part of a team.
- Professional demeanor and ability to work effectively with all levels of management and maintain strict confidentiality.
- Must possess strong analytical abilities as well as strong verbal and written communication skills.
- Ability to travel when required.