Senior Controls Assurance and IT Compliance Auditor

Essential Responisibilities:Conduct assurance reviews and audits to evaluate the design and effectiveness of controls supporting the company's bsuiness processes and information systems, with specific focus on IT General Controls.Lead and execute all aspects of the audit process, including planning, risk assessment, controls identification, client coordination, fieldwork, adata analysis, work paper documentation, reporting, and remediation validation, with direction from senior team members.Understand business and IT processes to identify risks and evaluate internal controls.document thorough understanding of business processes, including the role of technology in supporting the processes. Effectively perform testing of automated business process controlsAssess information technology design and operating effectiveness, particularly related to application and infrastructurelogical access, change management, and operations, as well as more common information security considerationsevaluate root cause factors, extent of risk, and mitigation/compensating controls for audit testing exceptionsProvide first level of detail review of work paper documentation to ensure audit testing work papes are documented in a consistent and high quality manner while executing project tasks in adherance to established timelinesPartner with Audit Services Group project leadership to assess the adequacy of the corrective action(s) taken by management, stakeholders, and/or process owners to improve governance, risk management, and control issuesTrack and reports project status and milestones to project leadership and/or managementDiscuss audit resutls, their impact, and recommendations for corrective actions with Audit Service Group project leadership, external audit partners, and/or managementBuild and develop Audit Services Group's brand within the company through meaningful relationship buildingCoordinate audit activities with management, co-source providers, and external auditorsEnable continuous improvement of the Audit Services Group by identifying and communicating enhancement opportunities to department leadershipSupport the development of other team members within the Audit Services GroupKnowledge, Skills, and Abilities:Experience in testing information security controls at the application, operating system, and database layers - including logical access, change management, operations, and information security controls considerationsExperience in executing large and complex regulatory compliance projectsDemonstrate strong project management and execution skills, including prioritizing tasks, balancing workload, anticipating next steps, and adapting to changeAbility to lead projects with little instruction on day-to-day work, generally receiving general instructions on new assignmentTailor project approaches bsed on areas of key risks. Critically aveluate audit procedures to maximize the value of each audit projectProactively communicate issues with colleagues and obtain agreement on audit findings and practical recommendations with control owners prior to presentation to managementStrong communication and presentation skills with an ability to tailor communications to different audiencesPrepare clear, concise, and accurate documentation and audit reports. Ensure compliance with audit standardsPursue work with enthusiasm, energy, drive, and team collaboration. Maintain a positive, professional, and team-oriented attitude.Establish and build effective relationships. Collaboratively work with management to improve internal controls and processesAssist and provide guidance to the Audit Services Group staff, when needed; train staff during fieldwork.Required Qualifications:Bachelor's degree in Accounting, Auditing, Business Management or Information Technology3+ years of relevant audit and risk management experienceMerchant Acquiring/Payment Processing industry experience preferredExperience with internal controls framework such as COBIT, FFIEC, Sabarnes-Oxley (SOX), SSAE18, NIST, ISO27001, and ITILKnowledge of auditing princilples and practices, including the analysis and reporting of audit informationKnowledge of IT controls concepts, including access controls, information security, process automation, systems development and change managementCPA, CIA, or CISA certification preferred, or willingness to obtain certification within 1 year of employment10 Full-Time position(s) available.