Role: Identify technology risks and independently evaluate efficiency and control effectiveness of Information Technology (IT)/ Information Security (IS) functions, applications and systems; document and report findings and make recommendations. Coordinate and oversee IT Vulnerability Assessments. Analyze elements of the core system, and third-party systems data for abnormalities, trends and risks. Serve as resource to Internal Audit Staff on operational, functional, financial and compliance audit assignments impacted by information system risks and/or IT controls and data integrity.
Essential Functions & Responsibilities:
50% Manage and perform internal audits of IT / IS activities so that significant risks are mitigated. Execute audits in a manner that evaluates internal controls, efficiencies and effectiveness, and compliance with applicable rules, regulations, policies and/or procedures. Perform root cause analysis of identified issues. Provide reports outlining results of audit testing, including adherence to policies and procedures and adequacy of internal controls. Ensure audits are conducted in accordance with established standards, including Generally Accepted Auditing Standards (GAAS) and ISACA.
30% Design and develop data models for Continuous Auditing, Internal Audits and Credit Union analytics. Perform analysis of data, departments, projects, etc. and interpret associated risks. Work with department VP to: identify potential issues; develop reports for the Internal Audit Department and Supervisory Committee; design, implement and/or maintain monitoring/fraud detection tools and procedures. Assist with internal audits and special projects on IT/IS related matters and/or as otherwise directed.
20% Maintain oversight of IT Vulnerability Assessments, including but not limited to: coordination and scheduling of assessments; acting as liaison between vendor and applicable staff; ongoing vendor due diligence/monitoring, and conducting RFPs as directed. Provide support for regulatory and other external exams. Record, track and validate internal and external IT/IS audit issues. Serve as consultant to management/employees in advisory role.
Knowledge and Skills:
Experience: Three years to five years of similar or related experience.
Education: Equivalent to a college degree and a professional certificate or a graduate degree.
Interpersonal Skills: A significant level of confidentiality, trust and diplomacy is required, in addition to normal courtesy and tact. Work involves extensive personal contact with others inside and/or outside the organization that can be of a highly sensitive / confidential nature.
Other Skills: Bachelor’s degree in Information Technology, Information Systems or related field. Certification * (CISA, CISSP, CISM, CIA, or other related) preferred. * CISA – Certified Information Systems Auditor; CISSP – Certified Information System Security Professional; CISM – Certified Information Security Manager; CIA – Certified Internal Auditor Strong analytical skills. Demonstrate strong knowledge of IT concepts, terminology and internal control environments. Ability to: use independent judgement; collect and analyze complex data and problems; and perform research in order to provide valuable recommendations for improvement. Communicate effectively and timely.
To submit your resume, please fill out the information below. All resume submissions are confidential.