Senior IT SOX/Operational Auditor

About The Position

Requirements

• Bachelor’s degree in Information Systems, Computer Science, Accounting, or a related field
• Certified Information Systems Auditor (CISA) certification required; public accounting experience preferred
• Minimum of five (5) years of experience performing IT SOX audits
• Experience developing test work programs for new SOX controls, including both manual and automated controls
• Experience performing baseline and benchmark testing of key reports supporting internal controls over financial reporting
• Demonstrated ability to work independently, showing self-motivation and effective self-management with limited oversight
• Problem-solving skills and the ability to manage effectively through ambiguity
• Excellent organizational, project management, and time management skills, including the ability to multitask and meet deadlines
• Proven ability to document work in accordance with external auditor expectations, with strong attention to detail
• Experience scoping and executing IT operational audits, from planning, risk assessment, and scoping through reporting
• Experience assessing and implementing controls aligned with the NIST Cybersecurity Framework (CSF)
• Experience performing risk and control assessments using NIST framework guidance
• Experience implementing and evaluating controls aligned with the NIST framework
• Experience conducting IT risk assessments using COBIT risk guidance and mapping risks to COBIT control objectives
• Collaborative and flexible team-oriented mindset
• Exceptional written and verbal communication skills, including the ability to synthesize and clearly communicate technical information
• Proficiency with Microsoft Office applications, including Excel, PowerPoint, and Word

Nice To Haves

• public accounting experience preferred
• Experience with SAP, data analytics tools, and AuditBoard preferred

Responsibilities

• Lead the development and execution of the annual IT SOX Audit Plan
• Execute and report on IT SOX testing, including testing of IT general controls, automated application controls, and key reports
• Plan, lead, perform, and document control walkthroughs to evaluate the design of IT general controls
• Evaluate the operating effectiveness of key IT SOX general controls and automated application controls through testing
• Perform baseline and benchmark testing of key SOX-relevant reports
• Develop detailed test steps and audit procedures for testing new IT general controls, automated application controls, and key reports
• Apply appropriate test procedures to existing IT SOX controls and reports to ensure key control attributes are adequately addressed
• Document SOX testing work thoroughly and accurately, providing high-quality audit evidence to support conclusions and facilitate efficient review
• Execute test work in compliance with external audit expectations to maximize reliance on internal SOX testing
• Drive cross-functional stakeholder engagement to ensure successful execution of, and alignment with, the annual IT SOX testing plan
• Identify, discuss, and validate potential control exceptions (e.g., SOX deficiencies and process improvement opportunities) in real time with key stakeholders in a professional and constructive manner
• Project manage IT SOX audit activities, ensuring timely execution, achievement of testing deadlines, and regular status reporting to stakeholders
• Support the IT Audit Program Manager and audit team by leading and performing IT operational audits, including:
• Developing risk-based IT audit scopes
• Leading, conducting, and documenting walkthroughs
• Developing, executing, and documenting audit testing procedures
• Drafting audit findings, developing practical recommendations, and proposing remediation actions
• Support internal and external audit activities related to the year-end financial statement audit by delivering required audit documentation and analyses
• Contribute to overall team effectiveness by performing additional responsibilities as assigned in support of departmental objectives and the annual audit plan

Benefits

• Rich health insurance benefits with competitive employer contribution
• Free access to an online wellness resources platform
• Up to 23 Vacation Days
• 80 Hours of Sick Time
• 10 paid holidays and 3 floating holidays
• Flexible work arrangements
• 3 weeks paid parental leave
• Green Team / Diversity, Equity & Inclusion Council / Safety Team / Women’s Network and many other Employee Resource Groups
• 1500 sq foot exercise facility and secure bike room
• Meaningful annual incentive bonus opportunity in addition to base salary
• Competitive 401K company contribution and match
• 15% discount on NW Natural stock through Employee Stock Purchase Program
• Up to $5250 a year in tuition reimbursement
• Wellness incentive program
• 20% off natural gas service
• Up to 30% discount at NW Natural Appliance Center
• TriMet Pass for all HQ employees
• Generous discounts with Verizon & AT&T Wireless