We have an outstanding Contract to Hire position for aSenior IT Auditorto join a leading Company located in theMiami, FLsurrounding area.
The IT Auditor conducts audits of the information technology control design and effectiveness in accordance with information technology & security, authoritative sources including our Enterprise Security Office corporate standards; Sarbanes Oxley (SOX); Control Objectives for Information and Related Technology (COBIT); National Institute of Standards and Technology (NIST); and/or International Organization of Standards (ISO). Manages audits, projects, activities, and remediation plans to mitigate information technology and security risks within LTG. Assesses the information technology control environment and recommends enhancements and improvements to control activities, measures, and routines.
Responsibilities :
- Conducts internal, information technology audits and rigorous control self-testing programs to ensure controls are designed adequately and working effectively to mitigate information technology and security risks within agreed policies, procedures, standards, and risk limits.
- Audits, assesses, and ascertains that controls and processes are in place to ensure that information technology risks have been adequately managed and in line with business priorities.
- Serves as a subject matter expert on information technology policy, standards, and framework and proactively bridges the gap between control requirements, technical issues, and business risks.
- Proactively researches changes in the industry, information technology governance, and external risk compliance landscape.
- Ensures information technology risk management practices are embedded in the enterprise and that systems and data criticality and sensitivity are defined.
- Constructs corrective action plans for the resolution of control weaknesses and provides expert guidance on how to avoid and prevent similar situations in the future.
- Delivers key performance indicators on audit issues and controls weakness closure rate.
- Conduct testing and validation of remediation action plans and enhancements to control routines.
- Engages the Enterprise Security Office as appropriate in support of security-related control testing and remediation as warranted.
- Demonstrate effective working relationships with key stakeholders
- Incorporates business strategy into the decision-making process; mentors less experienced associates on strategies.
- Takes ownership within the area of expertise; provides guidance to others.
- Identify opportunities to make improvements within their area of responsibility.
- Creates and presents implementation plans approved by senior leadership.
- Prioritizes work based on business drivers; takes ownership of changes in priority.
- Excellent communication skills, both verbal and written.
- Advanced understanding of business and IT strategy/processes in their area of expertise.
- Engages in the discussion of complex business topics in assigned areas and captures process activities and requirements.
- Understands the impact of changes in the business.
- Other job duties as assigned.
Basic Hiring Criteria :
- Bachelor's Degree or Certification Required.
- Minimum 8 years of technical audit and/or related governance experience with working knowledge of information technology governance, information technology quality assurance, and/or information security risk assessment.
Desired Qualifications :
- Strong awareness and knowledge of the following areas of information technology: cloud computing and security, governance, service management; and security authoritative sources providing control and control measurement best practices.
- Ability to provide recommended actions toward the design and operation of control measures and routines to ensure compliance with information technology and security standards, policies, and applicable regulations.
- Knowledgeable in all aspects of the system development lifecycle; influences methodology.
- Provides support and guidance to colleagues.
- Aligns solutions with IT strategy and standards.
- Advanced proficiency in assigned areas; building skills in multiple areas .
- Analyzes requirements and advises key stakeholders regarding technical solutions and information controls for new or changed processes.
- Proposes functional designs, alternatives, and solution approaches to meet specific requirements.
- Independently solves complex problems in core technologies; understands interrelationships with other areas.
- Provides input and performs full system life cycle management activities including solution configuration, data mapping and definition, test development and execution, and system training.
- Leads small projects, ensuring requirements and timelines are met.
- Recognizes when and to whom issues should be escalated.
- Provides level 3 support functions.
- Defines solutions in alignment with IT strategy and standards.
- Application of systems analysis techniques and procedures, including consulting with users, to determine hardware, software, or system functional specifications; OR the design, development, documentation, analysis, creation, testing, or modification of computer systems or programs, including prototypes, based on and related to user or system design specifications; OR the design, documentation, testing, creation, or modification of computer programs related to machine operating systems; OR a combination of the above.
- Proficient in Excel VLOOKUP and XLOOKUP; Write and read SQL scripts for data searches.
- Collaborative; establishes and maintains effective working relationships, supporting company leadership and team.
- Models flexibility: influences change in the area of expertise.
- Builds trust in others and works with integrity and ethics; upholds organizational values.
- Sensitive and responsive to internal and external needs; proposes new solutions.
- Resourceful; creates and implements actions that are outside of the typical concept to generate results.
- Fosters a supportive and collaborative teamwork environment.
- Takes a creative and innovative approach to problem-solving; recognizes interdependencies/impacts.
- Actively promotes diversity and seeks to understand others' points of view.
- Demonstrated audit experience assessing information technology, cloud security, and related compliance and control measures.
- Knowledge and experience auditing Information Technology and Cloud Security controls in accordance with Sarbanes Oxley (SOX); Control Objectives for Information and Related Technology (COBIT); National Institute of Standards and Technology (NIST); International Organization of Standards (ISO), and/or other related authoritative sources and standards.
- Preferred CCSP - Certified Cloud Security Professional, and Microsoft Certified: Microsoft Azure Fundamentals & Solution Architect.
- Strong knowledge of Information Technology Infrastructure Library (ITIL) and Service Management principles.
- Knowledge of critical control environments & measures related to security architectures, systems, and environments.
- Excellent communication and program management skills.
VEVRAA Federal Contractor / Request Priority Protected Veteran Referrals / Equal Opportunity Employer / Veterans / Disabled
To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit:
The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable:
- The California Fair Chance Act
- Los Angeles City Fair Chance Ordinance
- Los Angeles County Fair Chance Ordinance for Employers
- San Francisco Fair Chance Ordinance