The IT Audit Manager is responsible for the development and execution of the annual IT audit plan. The responsibilities will include the planning and execution of control documentation and control testing in accordance with SOX, execution of integrated audits that focus on both process level and underlying computer application controls, as well as pre-implementation and post- implementation reviews of new applications and technologies. Must know ITGC and SAP.
- Performs an annual IT risk assessment and develops the annual audit plan to address IT related risks
- Has a good understanding of the COSO framework, risk assessment, control analysis and audit methodology
- Lead corporate SOX compliance activities including:
- Performing risk assessment
- Developing IT Control Framework which includes IT General controls and Application controls
- Updating SOX documentation
- Performing walkthroughs
- Executing Control testing .This includes both general and application IT control reviews which typically involves reviews of system architecture ,configuration settings and application functionality. * Performs Infrastructure, Network and Applications Reviews, Pre and Post Implementation Reviews of new IT systems/applications.
- Evaluate and document system-related controls supporting applications, operating systems, databases, networks and other technologies.
- Possess a strong understanding of SAP Security and best practices solutions for SAP implementations. SAP security knowledge should include but is not limited to SAP Authorization Concepts, Roles, Users Administration, and SOD conflict resolution, SAP Access Controls, & SAP GRC Suite.
- Assess the design and effectiveness of policies and procedures related to deployment of IT system changes and IT application changes
- Assess the design and effectiveness of security policies and standards, Internet use, network security awareness and enforcement, access controls security architecture and administration, and operating systems.
- Performs Data Privacy review and related risk analysis
- Must be proficient in the use of personal computers and supporting software in a Windows based environment, including MS Word/Excel/Access/Visio
- Strong analytical skills, including the ability to solve problems and make value-added control and process/technology recommendations
- Strong Project Management Skills
- Excellent verbal and written communication skills, including the ability to communicate with internal and external customers. Ability to represent the team in cross-functional meetings and workgroup sessions to identify improvement opportunities.
- Needs to demonstrate willingness to cross-train, and be cross-trained, in other roles/duties
- Excellent people skills, including relationship management, communication, planning, presentation and motivation
Job Type: Full-time
Salary: $110,000.00 to $125,000.00 /year
- IT Audit: 5 years (Required)
- ITGC: 3 years (Preferred)