Sr. IT Internal Auditor

About The Position

Requirements

• Bachelor’s degree in; Computer Science, Accounting, Finance, Economics, or related IT Audit subject – required.
• Numerous years of relevant IT Audit experience from a “Big 4” professional services firm (Deloitte, PwC, KPMG, EY, or similar, such as BDO, Grant Thornton, Forvis Mazars, etc.) – required.
• Certified Information Systems Auditor Certification (CISA) from the Information Systems Audit and Control Association (ISACA) – required.
• Base knowledge, skills, and experience in the principles and practices of technology, IT industry trends, IT Governance controls, IT General Controls (including IT Service Management), Cybersecurity controls (including network security), and IT infrastructure controls (including Cloud).
• Experience in standard Institute of Internal Auditors (IIA) audit methodology (audit planning, fieldwork, and reporting), with an attention to quality to meet methodology requirements with minimal review.
• Working knowledge of IT industry frameworks (including COBIT, NIST, ITIL) and IT Industry standards (such as ISO 27001, the Information Security Standard, and ISO 27017, the Cloud Security Standard, etc.).
• An understanding of the base requirements of key IT regulations such as the expected IT control requirements of the: Sarbanes-Oxley Act of 2002 (SOX). Japan Sarbanes-Oxley Act of 2006 (J-SOX) New York State Department of Financial Services (NY DFS) Part 500 Cybersecurity Regulation. EU’s General Data Protection Regulation (GDPR) on data privacy EU’s Digital Operational Resilience Act (DORA) on cyber resilience, etc.

Nice To Haves

• Other relevant professional certifications are beneficial, such as the Certified Information Systems Security Professional Certification (CISSP) and/or Certified Internal Auditor Certification (CIA).
• Experience with Team Mate (or similar audit systems) a plus.

Responsibilities

• Performing a variety of third-line IT Internal Audits, completing audit fieldwork testing to assess the design and operating effectiveness of IT processes and related controls, within agreed timelines (with a strong delivery focus).
• Standard Internal Audit methodology will be followed, populating audit work performed within Team Mate (our Internal Audit system).
• Clear IT Audit reports will be drafted containing IT Audit Issues with agreed management action plans.
• Open IT Audit issues will be proactively tracked through to remediation / closure.
• Performing rolling IT SOX (Sarbanes-Oxley Act) testing the design and operating effectiveness of IT Entity Level Controls (IT ELC’s), IT General Controls (ITGCs) and IT Application Controls (ITACs) across key financial applications and supporting tools, within agreed timelines (with a strong delivery focus).
• Standard Financial Controls / ICoFR (Internal Control over Financial Reporting) methodology will be followed, populating SOX control design and operation within Team Mate (our Internal Audit system).
• Clear IT control deficiencies will be drafted with agreed management action plans.
• Open IT deficiencies will be proactively tracked through to remediation / closure.
• Collaboration with IT External Audit teams (including EY and Mazars) across Sompo International entities.
• While the role will focus on North America and Europe (including UK) IT Internal Audits, and IT SOX work, this role will also assist with IT Internal Audits and IT SOX work across other regions globally, where required.

Benefits

• Two medical plans to choose from, including a Traditional PPO & a Consumer Driven Health Plan with a Health Savings account providing a competitive employer contribution
• Pharmacy benefits with mail order options
• Dental benefits including orthodontia benefits for adults and children
• Vision benefits
• Health Care & Dependent Care Flexible Spending Accounts
• Company-paid Life & AD&D benefits, including the option to purchase Supplemental life coverage for employee, spouse & children
• Company-paid Disability benefits with very competitive salary continuation payments
• 401(k) Retirement Savings Plan with competitive employer contributions
• Competitive paid-time-off programs, including company-paid holidays
• Competitive Parental Leave Benefits & Adoption Assistance program
• Employee Assistance Program
• Tax-Free Commuter Benefit
• Tuition Reimbursement & Professional Qualification benefits