Senior IT Audit Analyst - BSC (Hybrid)

Exelon•Washington, DC

2d•Hybrid

About The Position

The Senior IT Audit Analyst is responsible for leading audit engagements focused on evaluating IT, Cybersecurity, and Physical Security risks and controls. This role is a crucial part of the broader Exelon Audit Services team and will be tasked with leading risk assessments, developing & executing audit plans, drafting audit reports including issues & remediation actions, and supervising other analysts under the guidance of the IT Audit Manager. The primary focus of this role will be executing risk-based operational audits of IT & Security processes, but the Senior IT Audit Analyst will also play a role in fostering a high-performance learning environment and may assist in non-IT based audits, analysis of emerging risks, and delivering Exelon's business plan through broad company-wide initiatives.

Requirements

4-7 years of professional internal or external audit experience, with at least two years focused on IT, financial systems, cybersecurity, and physical security risks and processes.
Demonstrated strong analytical and oral and written communication skills, including in drafting and presenting reports.
Strong understanding of the Institute of Internal Auditors' (IIA) Global Audit Standards and International Professional Practice Framework.
Experience assessing processes using common IT and Security frameworks, such as COBIT, ISO 270001, and NIST CSF.
Experience auditing IT implementation projects guided by varying project management frameworks.
Ability to assess process and control gaps, identify root causes, and develop remediation plans.
Bachelor's degree in Accounting, Business, Computer Science, Finance, Management Information Systems, or related program.

Nice To Haves

5-7 years of experience working in an internal or external audit consulting environment
Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a changing, deadline-driven environment
Ability to work independently or supervise audit analysts on individual audit engagements
IT General Controls or other Sarbanes-Oxley compliance testing experience preferred
Relevant professional accreditation (e.g. CISA, CISSP, CIA, CPA, PMP
Utility or other regulated industry experience preferred

Responsibilities

Plan and Execute IT and Security audit engagements. Includes performing background research, including reviewing relevant regulatory standards and identifying best practices for business processes; identifying and assessing risks in current processes; developing and executing audit test plans; and drafting issues, recommendations, and reports under Manager supervision.
Provide active coaching and support of internal audit staff members to support a high performing learning organization.
Conduct post-audit follow up to ensure action items were completed to effectively mitigate risks identified during the audit engagement.
Assess enterprise level risk and identify potential future engagement in support of a continuous risk assessment and engagement planning process.
Support operational department initiatives as needed.

Benefits

Annual salary will vary based on a candidate’s skills, qualifications, experience, and other factors: $93,600.00/Yr. – $128,700.00/Yr.
Annual Bonus for eligible positions: 15%
401(k) match and annual company contribution
Medical, dental and vision insurance
Life and disability insurance
Generous paid time off options, including vacation, sick time, floating and fixed holidays, maternity leave and bonding/primary caregiver leave or parental leave
Employee Assistance Program and resources for mental and emotional support
Wellbeing programs such as tuition reimbursement, adoption and surrogacy assistance and fitness reimbursement
Referral bonus program
And much more