The IT audit coordinator will work with various groups across the IT organization and serve as a facilitator to enable timely completion of audits performed by internal and external auditors. The IT audit coordinator works with Internal and external auditors and process / control owners. This person will be the point person in key audit related activities such as audit planning, communication of the controls and audit objectives, schedule and attend meetings, track evidence requests and remediation activities to support various audit related activities. The IT audit coordinator will be responsible for timely and accurate updates to management.
Essential job functions and responsibilities:
Support the tracking of audits, schedule audit follow-up, and central storing of audit reports and artefacts.
Attend walkthrough, Information Provided by Entity, testing and reporting meetings for various audit engagements
Lead metrics-based tracking to measure effectiveness and efficiency of accomplishing various audit objectives
Actively work on Process, Risk and Controls framework
Work closely with the Archer risk findings team on risk related to audit issues
Review and upload audit requests, submission, correspondence, findings and results
Perform evidence reviews prior to delivering to auditors
Work closely with the project manager and provide regular updates on various audit meetings and sessions
Work with the audit issue management team to gather updates on audit issue remediation, assess Management Action Plan, report status of issues
Partner closely with IT Risk and Security organization stakeholders on audit controls testing, implementation of controls to address audit gaps, documentation of management action plans as response to audit reports etc
Knowledge, Skills and Abilities
Education
A Bachelor’s degree from an accredited college or university with major course work in IT, Security or a closely related field.
Experience
6 to 8 plus years of total experience and at least 4 to 5 years of experience in IT risk and compliance, internal audit or IT risk advisory with a strong understanding of audit processes and engagements
Experience with IT process, risk and controls framework and IT General Controls (ITGC)
Solid understanding of IT auditing procedures and techniques
Working knowledge in at least one of the Governance, Risk and Compliance (GRC) tools such as OpenPages (preferred), RSA Archer, RSAM, SAP GRC, Risk Connect, ACL etc.
Working knowledge of Sarbanes-Oxley, SSAE18 SOC 1 and SOC2 requirements.
Experience with industry standard Information Technology Control Policies and Standards frameworks including COBIT, NIST and ISO is preferred
Independently plan, organize and direct an audit program under minimal supervision
Knowledge and skills (general and technical)
Excellent interpersonal, verbal, and written communication skills, including experience in making presentations to senior management and technical subject matter experts
Ability to conducting training sessions on various IT audit topics
Experience with Microsoft based applications such as Excel and SharePoint. Advanced excel skills such as VLOOKUP, Pivot tables and macros, is desirable
Ability to work effectively with multiple levels of management and collaborate to improve promote partnership. Establish and maintain effective working relationships with process and control owners
Must process problem solving, planning, and analytical skills to drive continuous improvements
Flexibility in working hours and handling escalation and pressure situations
Excellent inter-personal skills with the ability to coordinate cross functionally
Other Requirements (licenses, certifications, specialized training – if required)
Working Relationships
Internal Contacts
(and purpose of relationship):
All Internal GOSC Stake Holders
External Contacts
(and purpose of relationship) – If Applicable
Stateside Client/ Engineers from different regional Security teams (Such as Country/Regional Head for Monitoring/Containment)
