Senior Internal Audit IT Consultant

About The Position

Requirements

• Requires a Bachelor's degree in Information Technology, Computer Science, Business, Accounting, Finance or other relevant field or equivalent experience.
• Must possess one of the following certifications within 12 months of hire: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA), Certified in Risk and Information Systems Control (CRISC) and/or Cloud/AI Certifications from AWS/Azure.
• Must possess a proficiency level in analyzing and documenting business process controls, identifying risk and performance as generally achieved in five plus year’s public accounting and/or internal audit experience.
• Relevant experience in improving internal control processes is a job requirement.
• A solid track record of demonstrated career achievements and academic excellence are expected.
• The successful candidate should demonstrate excellent communication skills (both oral and written) and strong technical audit skills.

Nice To Haves

• Master's degree and/or professional designations such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Fraud Examiner (CFE), CISM, CRISC, CGEIT, CRMA are preferred.
• Knowledge of healthcare regulations (e.g. CMS, HIPAA, PCI, etc.) and health plans are a plus.
• Additional related education and/or experience preferred.

Responsibilities

• Audits IT processes and controls with a deep understanding of IT risk and control frameworks (example, COSO, CoBIT, ISO, NIST, PCI DSS).
• Plans and executes IT related audits such as ITGCs, Application controls reviews, system configuration reviews, as well as perform Information Technology and Security risk assessments. Assessments include but not limited to access management; security policies and standards; security architecture; threat and vulnerability management; computer and data breach incident management; data protection; 3rd party/vendor management; security monitoring; security operations and administration; business continuity; disaster recovery; cloud security, cyber security; data security; network security; system security, technology operations and security awareness.
• Coordinates, plans, and executes audits by working with managers and process owners to develop audit programs that document, assess, and test the effectiveness of key internal controls.
• Communicates the audit plan and process so that those being audited understand the requirements and expectations. Listens effectively throughout the audit process in order to effectively evaluate the risks and controls. Communicates audit results throughout the audit life cycle with and management and issue final audit reports with minimum re-work and support of management.
• Facilitates and/or provides advisory services to assist auditee in developing their mitigating plans to address audit findings and risks identified. Responsible for managing assigned audit findings and ensure remediation plans are completed by management on time to effectively mitigate the risk
• Provides support to external technology, financial, compliance, and operational auditors in the performance of the audits they have been engaged to perform. This includes working and serving as liaison to technology and key business partners to ensure alignment and ongoing communication on security controls and risk mitigation.
• This position interacts with a multitude of directors, managers and staff throughout the system depending on the area that is being audited. The diversity of areas that may be audited is significant. These areas range from Banner executives to operational management and staff, to executives and managers with external partners or companies, clinical departments such as pharmacy to the accounting treatment of specific transactions. The position will be required to work cooperatively with various external auditors.