Senior IT Auditor
San Francisco, CA | Direct Hire
Senior IT Auditor
Location: San Francisco, CA
Principal Duties and Responsibilities include but are not limited to:
- Plan and execute IT audits, including identifying and analyzing risks, planning and prioritizing the audit work, conducting audit interviews, observing operations, documenting and analyzing procedures and controls, performing audit tests, preparing appropriate work papers, developing audit recommendations and reviewing them with appropriate management, and preparing audit reports.
- Assist in defining, refining, implementing and maintaining the Company’ s audit process, including department standards and procedures that will be overseen by the Audit Committee of the Board of Directors.
- Adhering to and complying with all applicable, federal and state laws, regulations and guidance, including those related to Anti-Money Laundering (i.e. Bank Secrecy Act, USA PATRIOT Act, etc.)
- Ensure the overall quality, consistency, risk management and adherence to department and professional standards for IT audits, identifying opportunities for audit process improvement and integration with the financial, operational, retail and compliance audit processes.
- Liaison with and represent the internal audit department to external parties including external auditors.
- Provide risk identification, security and audit control input for projects and other initiatives.
- Assist with developing and implementing an annual audit plan by assessing relevant risk factors, considering management’ s expectations of Internal Audit’ s strategic involvement throughout the organization and with outside vendors.
- 5+ years of demonstrated internal control or risk management related experience; “ Big 4” public accounting/consulting experience highly desirable.
- BS/BA degree required; related technical field is preferred.
- Professional certification, such as CISSP, CIA, CISA, CPA, is preferred.
- Banking or finance experience primarily focused in internal audit, enterprise-wide risk management, and technology risk consulting
- Knowledge of FFIEC, COBIT 5, Sarbanes-Oxley Act of 2002 and the COSO control framework.
- Knowledge and experience in information technology audit, systems design and management, security, and client server technologies.
- Understanding of security software, database technology, and emerging e-commerce and internet technologies.