Senior IT Auditor

Job not on LinkedIn

November 25

🗽 New York – Remote

Although this job is listed in New York, this company may be open to hiring remote in other states.

💵 $86.5k - $129.7k / year

⏰ Full Time

🟠 Senior

🔎 Auditor

Apply Now

Receive Emails with Similar Jobs

UR Ventures

WebsiteLinkedInAll Job Openings

Education • B2B • Science

UR Ventures is the innovation and commercialization arm of the University of Rochester, focused on advancing research and academic entrepreneurship. It connects university faculty and researchers with industry partners to facilitate the development of new technologies and businesses that can positively impact society. UR Ventures promotes collaboration, creativity, and knowledge transfer, thereby contributing to the university's mission of making the world ever better.

11 - 50 employees

📚 Education

🤝 B2B

🔬 Science

📋 Description

• Develops, directs, plans and evaluates internal audit programs for the organization's information systems and related procedures to ensure compliance with the organization's policies, procedures and standards. • Audits information systems applications to ensure that appropriate controls exist and that information produced by the system is accurate. • Advises others on information systems, internal controls and security procedures. • Prepares reports and recommendations for management on the results of information systems audits. • Conducts annual audits and risk assessments of the University's related to a wide array of information systems areas. • Evaluates the University's compliance with the standard requirements and assessment procedures. • Completes the applicable report for the assessment and attestation of compliance, obtains any required signatures, and submits annually to the University's acquiring bank. • Plans and leads meetings with clients to discuss the goals and objectives of the audit, with a focus on business processes and internal controls. • Develops audit procedures geared toward helping business units achieve objectives and identifies areas of exposure that may prevent objectives from being met while allowing for a broad range of coverage to maximize impact. • Promotes the ability to provide advisory services through continuous communication with management. • Executes internal control risk assessments and develops customized audit strategies for the client under audit. • Creates a plan for the scope, timing, and resources needed to complete assigned audit projects and presents to leadership. • Obtains, analyzes, and appraises evidentiary data as a basis for an informed, objective opinion on the overall efficiency and effectiveness of management's internal controls, business processes, and ability to meet goals and objectives. • Prepares formal reports expressing opinions on the adequacy and effectiveness of activities performed. • Makes presentations to leadership prior to and at the conclusion of audits, addressing deficiencies and explaining recommended effective actions. • Uses technology to support audit projects. • Identifies, clarifies, and researches problems to find the best solutions. • Performs independent analysis and reasoning with attention to detail, while challenging the culture and status quo to generate new ideas. • Other duties as assigned.

🎯 Requirements

• Bachelor's degree and 3 years of relevant experience required or equivalent combination of education and experience • Knowledge of network architecture, servers, databases, and cloud environments required • Knowledge of data management practices, including data governance, protection, and privacy relevant to regulations such as HIPAA and GDPR required • Knowledge of standards and best practices for cybersecurity protocols, including firewalls, intrusion detection, and encryption techniques required • Knowledge of IT governance / control frameworks and standards (e.g., COBIT, HITRUST, NIST, ISO) required • Proven experience in IT auditing or risk management, with a focus on assessing IT controls and cybersecurity required • Proven experience in performing audits of IT systems, applications, and data security practices required • Familiarity with Systems Development Life Cycle (SDLC) required • Understands internal controls, business processes, auditing procedures and risk assessments required • Proficient in PC functionality and Microsoft Excel, Word and PowerPoint required • Ability to manage appropriate steps to get projects completed; has strong abilities to organize people and processes required • Ability to present ideas effectively and persuasively and convey concepts in a wide-variety of forums (Speaking to large groups, one-on-one, etc.) required • Ability to understand the “big” picture; champions University’s mission to those in all levels of the organization; sets short and long term goals to align business with University vision required • Ability to write thoughts and concepts in a clear and organized manner; effectively manages formal and informal communication required • Ability to understand how organizations operate required • Ability to manage effectively in a highly political environment required • Strong interpersonal skills required. • Ability to effectively communicate and relate to all levels within and outside the organization required • Able to use logic to solve challenging problems required • Able to resolve problems in a fair manner and gain the respect and trust of others involved in the negotiations required. • Able to make timely or planned decisions appropriate to the circumstances or situation required • Continuous energy to see projects through to completion, especially when faced with difficult obstacles required. • Ability to learn new technical skills and information adeptly required • Ability to perform at a high level due to strong functional knowledge required • Knowledge of electronic work papers required • Systems implementation experience preferred. • Experience in the health care and/or higher education environment preferred. • CIA, CISA, CISM, CISSP, CRISC, CGEIT, CPA, and/or MBA upon hire preferred.