Internal Audit - Dallas - Associate, Technology Audit- 9381487

About The Position

Requirements

• Master’s degree (U.S. or foreign equivalent) in Information Systems, Computer Science, Computer and Information Science, Engineering, or a related field, and one (1) year of experience in the job offered or in a related role OR Bachelor’s degree (U.S. or foreign equivalent) in Information Systems, Computer Science, Computer and Information Science, Engineering, or a related field, and three (3) years of experience in the job offered or in a related role.
• Linux and Windows operating systems, including batch scripting and executing standard commands.
• Analytical and data analysis skills such as SQL, Aqua DB Studio or similar tools.
• Data analytics, data mining, and database concepts.
• Developing scripts to facilitate resolving complex audit scenarios.
• Conducting or analyzing vulnerability assessments, penetration testing methodologies, and processes for web, thick client, and mobile applications.
• Systems and security administration and configuration of servers and desktops including experience with UNIX, Windows, and directory services.
• Cloud computing concepts, technologies, risks, and mitigating controls.
• Encryption schemes such as symmetric, asymmetric, and hashing, and how they may be applied in application architecture.
• Threat modeling, intelligence, and incident response.
• Conducting technology risk assessments, Technology Audits, and Information Security risk assessments.
• Object-oriented programming languages, such as Java, C++ or scripting languages such as Python.

Responsibilities

• Assist in defining and executing the internal audit plans, including continuous monitoring, and risk assessment.
• Drive discussions with senior business stakeholders to understand risk drivers, control state, and impact to formulate a point of view of the control environment.
• Define audit scope and design control testing steps to evaluate the adequacy of control designs and operating effectiveness.
• Design and execute tests to validate identified application system controls, which may require data analysis, code inspection, and re-performance of system processes.
• Analyze the design of controls around the underlying system architecture in the context of information technology controls (security, availability, performance) and their impact on the business.
• Analyze business and technology processes to evaluate the effectiveness of relevant technology controls.
• Validate that system features meet business, technology, and regulatory requirements.
• Validate the quality of internal SOX assessments.
• Coordinate with auditors globally on multi-region audits for timely and effective completion.
• Draft commercially effective audit reports, including clear and concise findings and recommendations.
• Present the scope, progress, and results of the review to internal audit management, technology, and business stakeholders.
• Negotiate finalization of issues with senior client management.
• Evaluate management action plans to address control deficiencies.
• Participate in department-wide initiatives to improve internal audit processes and supporting infrastructure.
• Analyze data using various data analysis techniques and data mining to derive conclusions and make business decisions.
• Collaborate with application developers, system architects, engineers, and security practitioners to audit applications and systems.