Logo
Northeastern University

Senior IT Auditor

Northeastern University, South Boston, Massachusetts, United States,


About the Opportunity Job Summary Northeastern University's Audit & Advisory Services is seeking a motivated and talented individual to join our team as a Senior IT Auditor. This is an exciting opportunity to join our team of skilled professionals that work collaboratively throughout the University as a trusted partner. The team consistently delivers high-quality results in a challenging and fast-paced environment. Working in a strong and established team and reporting to the IT Audit Manager, the Senior IT Auditor will participate in all phases of assigned audits, from planning to reporting. They will skillfully conduct and successfully execute a range of challenging audit work including executing audits from the annual audit plan, advisory projects, leading audit client engagements, assist in developing data analytics procedures (e.g. Power BI, Tableau, etc.), and developing a robust IT audit program. The Senior IT Auditor will be familiar with new areas of focus for technology audits: process automation, artificial intelligence, while continuous monitoring/auditing continues to evolve. The ideal candidate will learn the business from the inside and gain broad exposure to a variety of IT systems and professionals working in software development, information and network security, change management, access control, IT infrastructure, server virtualization, cloud computing and other key areas of this growing department. You will have the opportunity to help facilitate positive change by examining business processes and recommending areas for improvement within the University. Your experience will not be limited to auditing IT systems. Our cross-functional approach enables collaboration between IT, Financial, and Operational audits while leveraging our department's guiding principles. There will be significant exposure to senior management throughout the organization. Regrettably, the university is unable to work sponsor for this role, now or in the future. As a trusted partner and integral team member, the Senior IT Auditor: Maintains the highest level of professional and ethical standards as expressed in Audit & Advisory Services' Audit Charter and the IIA's International Professional Practice Framework (IPPF). Builds effective relationships with all levels of stakeholders across our campuses Provides value-added professional audit work, individually or as a collaborative team member, in conducting reviews of assigned organizational activities in accordance with the IIA and department standards. Plans and executes information technology (IT) audit projects designed to provide assessment of internal control processes and operational performance. Demonstrates and applies a thorough understanding of complex information systems. Prepares detailed plans for performing individual audits including the identification of key risks and controls, determination of audit objectives, and development of an appropriate audit program. Uses knowledge of the current IT environment and industry IT trends to identify potential issues and risks. Under minimal supervision, develops clear and concise audit work papers to support findings and recommendations, and writes clear and concise reports for management. Identifies potential audit areas, assists with assessing the degree of inherent risk, and estimating the time and skills required to complete audit projects. Contribute to the development of the IT audit plan based upon risk assessment, management's goals and objectives, and the requirements of the Audit & Risk Committee. Performs or assists in performing special projects or studies, including risk assessments, fraud investigations, audit department policy updates, due diligence acquisition reviews. Participates in reviews of internal controls and security of systems under development as well as major IT projects and initiatives. Key Responsibilities IT Audits Perform IT audits including reviews of system development, program changes, operating systems, databases, applications software, data security, computer operations, network security, business continuity, and disaster recovery. Develop and incorporate security vulnerability assessments during audit reviews. Perform pre- and post-implementation reviews for new or modified application systems to assess project management, data integrity and security controls. Such audit reviews will be conducted by assessing risks and identifying audit objectives and scope for each review, developing audit programs, performing interviews and test work, developing clear and concise audit work papers timely to support findings and recommendations, and writing clear and concise reports to management. Facilitate the communication of audit results through written reports and oral presentation to management. Audit work performed must adhere to the Institute of Internal Audit's (IIA) Standards for the Professional Practice of Internal Auditing Develop and maintain relationships with Information Technology Services management. Non-IT Audit, Consulting and Special Projects Perform integrated audits as necessary to carry out the annual audit plan. Under the supervision of audit management, perform consulting engagements and investigations as assigned. Contribute to University wide initiatives as necessary. Assist in developing data analytics procedures using Microsoft Excel, PowerBI and other tools (e.g. Tableau) for automating and performing routine operational and financial audit tasks. Professional Development Seek ways to develop self professionally through attendance at seminars, in-house training sessions, professional exams/certification, and self-study in order to remain informed of current developments in IT auditing, maintain technical competence and proficiency from the standpoint of evaluating University operations and controls. Attend training and carry forward information gathered into executing the audit plan. Experience Required Candidate for this position should possess: Minimum of three years' experience in, IT auditing, or Information Security assurance/consulting. Bachelor's Degree in Management Information Systems, Information Security/Assurance, Computer Science, or a related discipline. Master's degree is a plus. Certification as CIA, CISA, CISSP, CISM preferred or working towards. Knowledge or experience with security and technology frameworks (e.g. NIST, CMMC). Experience with Institute of Internal Auditor Standards and Guidance, and awareness of ISACA. Knowledge of data analytics and tools such as Tableau, Cognos, or Power BI. Proficient with Microsoft Office applications including Word, Excel, Power Point and Visio. Demonstrate ability to develop audit approach for areas that may not be familiar to auditor and/or not audited prior. Demonstrated ability to work independently and as part of a project team. Ability to handle confidential information with professionalism and understanding of ethical responsibilities. Excellent interpersonal, written, and verbal communication skills with ability to lead, interact with, influence, resolve conflict and drive decisions / accountability among individuals from a variety of cultures and disciplines. Position Type Legal and Regulatory Administration Additional Information Northeastern University considers factors such as candidate work experience, education and skills when extending an offer. Northeastern has a comprehensive benefits package for benefit eligible employees. This includes medical, vision, dental, paid time off, tuition assistance, wellness & life, retirement- as well as commuting & transportation. Visit https://hr.northeastern.edu/benefits/ for more information. Northeastern University is an equal opportunity employer, seeking to recruit and support a broadly diverse community of faculty and staff. Northeastern values and celebrates diversity in all its forms and strives to foster an inclusive culture built on respect that affirms inter-group relations and builds cohesion. All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law. To learn more about Northeastern University's commitment and support of diversity and inclusion, please see www.northeastern.edu/diversity.