Sr IT Auditor
Assurant is seeking candidates with a balance of technical and audit experience who are looking to build upon these talents as part of an influential audit team. The ideal candidate has worked in a cyber security role or a related support function. The candidate should also have information technology (IT) audit experience.
The Senior IT Auditor II is responsible for assisting management in the assessment of Assurants internal control environment by performing system audits and other value-added services. This position will plan, organize and perform general control reviews, application reviews, technical infrastructure and network reviews, and integrated audits with the financial and operational audit group. The Senior IT Auditor II will lead and/or participate in multiple engagements of varying size and complexity, often simultaneously, ensuring a high-quality work product that is relevant to the business and delivered timely enough to influence change and create value.
Senior member in complex audit projects: Works under the direction of the IT Audit Director.
- Build an understanding of risks to business objectives and technology environments
- Apply risk and control concepts to develop audit programs and test procedures
- Assess mitigating controls by collecting and reviewing audit evidence
- Identify and communicate audit issues to management, offering recommended solutions
- Prepare accurate, complete and well-documented work papers
- Review team work papers to ensure accuracy and completeness
- Provide timely engagement updates to business and audit management
- Monitor issue remediation progress, to validate completion and adequacy of action plans
Build relationships with business leaders and managers: Collaborate with Assurant business leaders and managers to understand Assurant objectives and strategy and risks and then advise on the control structures necessary to manage risks.
- Develop and maintain productive, team-oriented, client and staff relationships through individual contacts and group meetings
- Maintain awareness of significant changes across the organization and their potential impact on the established control environment
- Demonstrated leadership potential
Department development: Participate in department initiatives and Centers of Excellence to ensure department processes, systems and methodologies effectively and efficiently enable the department to meet its chartered objectives.
- Pursue professional development opportunities, including internal and external training, and shares lessons learned with co-workers
- Develop self and support others' development to achieve full potential
- Requires a bachelor's degree, from an accredited college or university
- 3 years of experience in an information technology role: software development, IT infrastructure, IT security or related support function
- 2 years of relevant business or audit experience, including documentation of business processes and identification of risks and controls
- Excellent oral, written, listening, and presentation skills
- Ability to maintain composure under pressure while managing multiple assignments and priorities
- Demonstrated dedication to teamwork
- Demonstrated integrity within a professional environment
- Ability to operate a computer with a high level of proficiency in the Microsoft Office suite of products. Includes experience with large spreadsheets, databases and word processing
- The incumbent may be required to travel up to 15%
- In-depth knowledge of the threats and vulnerabilities associated with business technologies
- Masters degree in Computer Science, Information Systems, or related field
- Bilingual in Spanish
- Some exposure to working with data analytics
- Demonstrated ability in project management, and leading staff
- Demonstrated work successes utilizing project plans, issue logs, risk/mitigation strategies, automated testing tools, cost/benefit analysis tools
- Proven track record in applying broad business knowledge and practical experience to working with and managing technology risks and controls
- Working knowledge of identity/authentication platforms such as Active Directory, RACF or Oracle Identity Manager
- Ability and experience in translating business rules into technical definitions
- Some exposure to Accounting/Finance principles
- Holds or intends to obtain related professional certification, such as CISA, CISSP, CEH
- Exposure to secure application coding practices and standards