Key Tasks, Duties and
- Execute the annual audit plan, including identifying and defining issues, developing criteria, reviewing and analyzing evidence, and documenting processes and procedures around critical areas such as SDLC, Change Management, Security, IT Infrastructure, Third-Parties, IT Project Management, Data Protection and Privacy, etc
- Anticipate potential barriers, issues, and management concerns and create action plans and recommendations to address these concerns while helping the company make progress
- Communicate the results of audit and consulting projects via written reports and oral presentations on a timely basis to management and executives.
- Conduct annual tests of Information Technology General Controls (ITGCs) over financial reporting requirements
- Provide consulting services to implement lasting change and sustained improvements around key activities to support the company’s highest priorities
- Coordinate and conduct special audits, investigations, and/or ad hoc projects with minimal supervision and direction from the Internal Audit Manager
- Pursue professional development opportunities, including external and internal training and professional association certifications and memberships
- Participate in the change management process
- Develop a strong understanding of business and system processes
- Any other assignments and responsibilities as may be assigned by the Management
Education & Certification
- Bachelor’s degree in Accounting, Finance or Information Technology
- Professional license (CISSP, CISA, CISM, CRISC, CISSP, ITIL, or similar)
Experience & Key Competencies
- A minimum of 2-5 years of relevant work experience, preferably in the insurance industry
- Proficient in internal auditing principles and best practices (IIA Standards, COBIT, COSO, etc)
- Proficient in auditing: applications, distributed platforms (Windows/Unix), database (SQL/Oracle), infrastructure, and IT security tools and techniques
- Analytical mind and expertise in IT systems, applications and infrastructure
- Outstanding problem-solving skills, a meticulous attention to detail and a great understanding of cyber security trends.
- Capable of maintaining the confidentiality of sensitive information while working with a variety of technologies, security problems and troubleshooting of the network.
- An excellent understanding of Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy and Security Audits.