IT Audit Intern (Summer 2020)

UHY LLP - St. Louis, MO3.8

Temporary | InternshipEstimated: $36,000 - $50,000 a year
Position Summary
This is an internship for individuals who are interested in pursuing a career in professional services, specifically in the field of Information Technology (IT) Audit and cybersecurity. IT Audit staff will focus on developing skills, building their technical skill base, understanding and executing diligent client service, and becoming oriented to the Firm’s practices, policies, and culture. Work is performed under close supervision. Responsibilities increase with demonstrated skill.

The Technology Risk Consulting (TRC) major service offerings include IT Audit, SOC1, SOC2, PCI, HIPAA, and cybersecurity compliance initiatives. In addition, IARC supports financial statement audit teams and internal audit teams with documenting and testing IT controls.

IT Audit engagements: Basic audit acumen is needed, including the ability to grasp concepts quickly and demonstrate knowledge of basic technical skills, as well as related knowledge of common systems and procedures.
Communication skills: IT auditors need strong technical and business communication skills. IT auditors need to speak the language of all stakeholders so they can translate complex technical problems into quantifiable business decisions.
Ability and willingness to train others in general IT audit skills: Because much of what IT auditors learn is through on the job training, IT auditors must be able to train coworkers and subordinates in the fast-paced environment of IT auditing.
The ability to understand new technologies in a short-time period: With the accelerated development of new technologies and increasing sophistication of hackers, IT auditors must be able to stay on top of the most current trends.
Decision making: IT auditors are expected to make well-thought-out decisions and consider all facts prior to making final conclusions.
Regulatory standards: IT auditors are expected to follow regulations and professional ethics standards bodies, such as the AICPA.
Time keeping: Consultants are expected to track time and maintain designated chargeable hours for the year.
Quality control: Consultants are expected to ensure quality control procedures are being executed under direction of engagement supervisor, and perform thorough self-review of all work prior to submission.
Active Listening - Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.
Reading Comprehension - Understanding written sentences and paragraphs in work related documents.
Speaking - Talking to others to convey information effectively.
Writing - Communicating effectively in writing as appropriate for the needs of the audience.
Social Perceptiveness - Being aware of others' reactions and understanding why they react as they do.
Mathematics - Using mathematics to solve problems.
Computer Skills – Ability to operate spreadsheet, word processing and email programs.
Experience and Education
Pursuing a Bachelor in Accounting with an interest in IT Audit
Demonstrate knowledge of basic business, technology, and audit principles/standards
Must have a desire to work toward achieving one or more of the following in the future:

Certified Public Accountant (CPA)
Certified Information Systems Auditor (CISA): ISACA's globally recognized cornerstone certification for IS, audit, control, assurance, and security professionals who control, monitor, and assess an organization's information technology and business systems. This is considered the current industry standard for IT auditors.
Certified Information Systems Security Professional (CISSP): An independent information security certification governed by the International Information Systems Security Certification Consortium, also known as ISC², which provides security training to information assets.
Certified Information Security Manager (CISM): ISACA's certification program for those who manage, design, oversee, or assess an enterprise's information security.