SOX IT Auditor

---

Job description

**Pay Rate Range: $35.00-$45.00

**Contract till Feb 2022

**Candidate can be remote - Eastern time zone only

SOX IT Auditor (Virtual Eastern)

Primary Skills: Testing SOX controls

Preferred: Audit Board experience

Seeking candidates with a balance of technical and audit experience who are looking to build upon these talents as part of an influential audit team. The ideal candidate has a combination of technology knowledge, IT audit experience as well as strong SOX technology controls experience.

As part of client's Internal Audit department, the IT Auditor participates in IT audit engagements including risk-based audits and reviews that cover internal controls over financial reporting that are designed to assess the organization's IT risk exposure and recommend any needed enhancements to business systems, processes, or controls. In doing so, the IT Auditor is responsible for understanding and evaluating the internal control and risk environment.

The IT Auditor conducts audit interviews, assesses risks, identifies controls, develops test plans, gathers and reviews evidence completely and concisely document audit activities, and articulately communicates audit results to senior management.

Key responsibilities:

• Build and maintain an understanding of client's core IT control processes (e.g., change management, logical access, computer operations, software development)

• Participate in the planning of audits by collaborating with IT and business management to develop control walkthrough narratives, the matrix of key controls, testing approach and schedule

• Participate in IT audit programs for business process reviews, system implementations, and application reviews

• Execute audit procedures including process interviews, requesting, reviewing and analyzing evidence, and documenting test steps in detailed, well-supported work papers

• Execute testing of IT general controls supporting SOX compliance

• Support audit reporting and issue remediation efforts, including tracking the status of open issues and other IT-related findings

• Communicate with process owners to clarify the importance of an effective control environment and the role of internal audit

• Develop and maintain productive, team-oriented relationships through individual interactions and group meetings

• Maintain awareness of significant changes across the organization and their potential impact on the established control environment

Basic Qualifications:

• Requires a bachelor's degree from an accredited college or university

• Two years risk-based IT audit experience, including documentation of business processes, risks and controls

• Three years business systems support, including documentation of business processes, risk and controls identification

• Strong knowledge of IT general controls related to system operations, information security and change management

• Understanding of the threats and vulnerabilities associated with business technologies

• Excellent oral, written, listening, and presentation skills

• Ability to maintain composure under pressure while managing multiple assignments and priorities

• Demonstrated dedication to teamwork

• Demonstrated integrity within a professional environment

• Ability to operate a computer with a high level of proficiency in the Microsoft Office suite of products. Includes experience with large spreadsheets, databases, word processing and some data analytics

Preferred Qualifications:

• Bachelor's degree from an accredited college or university, preferably in Accounting, Finance, Business Administration, Computer Science, Information Systems, or related field

• Exposure to various auditing environments

• Ability to prepare detailed data/ process walkthrough documentation

• Proven track record in applying broad business knowledge and practical experience to working with/ managing technology risks and controls

• Demonstrated work successes utilizing project plans, issue logs, risk/mitigation strategies, automated testing tools

• Working knowledge of identity/authentication platforms such as Active Directory, RACF, Oracle Identity Manager or SailPoint

• In-depth knowledge of the threats and vulnerabilities associated with business technologies

• Some exposure to Accounting/Finance principles