Executive / senior industry position
Share this Job Title: Experienced Senior Information Technology (IT) Auditor
Everyone communicates. It’s the essence of the human experience. How we communicate is evolving. Technology is reshaping the way we live, learn and thrive. The epicenter of this transformation is the network—our passion. Our experts are rethinking the purpose, role and usage of networks to help our customers increase bandwidth, expand capacity, enhance efficiency, speed deployment and simplify migration. From remote cell sites to massive sports arenas, from busy airports to state-of-the-art data centers— we provide the essential expertise and vital infrastructure your business needs to succeed. The world’s most advanced networks rely on CommScope connectivity.
We are looking for a seasoned professional to serve as an Experienced Senior Information Technology (IT) Auditor for the Corporate Audit & Advisory department.
The candidate will join an established team, reporting to the Technology Senior Audit Manager. He or she plays a key role in helping to embed robust internal controls over technology and a wider role in the review of our business. This position will help manage critical aspects of the Technology Audit area of the Internal Audit department including coordination with the Financial / IT groups on Sarbanes-Oxley testing activities, execution of any technology related Internal Audit projects, and coordination with external auditors.
We are seeking candidates with broad-based subject matter expertise in technology areas, including IT general computer controls, application controls and IT infrastructure and specifically in cloud-based applications and agile software development. The ability to understand and review finance processes and the management control aspects is a big plus.
Participate on an integrated team of professionals in a dynamic environment that includes pursuit of continuous improvement of our practices. The Corporate Audit & Advisory role involves assessing business processes and internal controls for risk-based audits; conducting and leading operational, financial, IT and compliance audit projects; identifying business risks and best practices; providing insight and value to management on matters of risks and controls; providing input to development of the annual audit plan; and developing individual and team professional competencies. Maintain organizational and professional standards. Work independently under general supervision with the opportunity to demonstrate initiative and judgment.
DUTIES & RESPONSIBILITES:
Below are the expected duties and responsibilities for each level of IT auditor within the Corporate Audit & Advisory department. These are the minimum expectations for each level. In order for an auditor to move to the next level they will need to demonstrate the ability to consistently exceed expectations for the current level they are assigned. Duties and responsibilities expected to be performed independently.
- Assist in identifying and evaluating the organization’s key risk areas, including impact on the IT environment, and provide input to the development of the annual audit plan.
- Support engagement management with audit project planning which includes developing risk assessment, audit scope, and time budget.
- Conduct risk assessment interviews/meetings with audit beneficiaries and key participants.
- Utilize Corporate Audit & Advisory standard project processes, milestones, and templates.
- Provide subject matter expertise in IT general computer controls (e.g., logical security, change management, operations, disaster recovery), application, infrastructure areas (e.g. firewalls, operating systems, databases, etc.) and strong knowledge of information security risks.
- Identify and document Information Technology General Controls (ITGCs), application controls for business systems, and IT processes.
- Develop test plans to analyze the design and operating effectiveness of ITGCs and application controls. This includes identification of population, selection of sample, and proficiency with computer systems.
- Analyze information and data to assess the design and operating effectiveness of ITGCs and application controls and identify process improvements.
- Execute IT SOX 404 compliance engagements including, but not limited to, testing internal control design and operating effectiveness, providing guidance to process owners, rationalizing controls, and proactively communicating/tracking control improvement opportunities to completion.
- Execute IT Audit and advisory projects including, pre/post-implementation and conversion reviews, IT strategy / governance, IT cyber security / ISO 27002, governance, strategy, ERPs / applications, infrastructure, security, user access, configuration and other IT areas supporting financial, operational, and compliance audit projects.
- Document results of testing. This includes being familiar with audit software, data interrogation tools, and documentation standards.
- Conduct interviews and take notes sufficient to understand a specific process or system and to test assigned areas.
- Communicate nature of control deficiencies to CommScope management.
- Support engagement management in the organization and development of the audit report including well-written audit findings, remediation recommendations, executive summary, prioritized audit findings, and assignment of risk ratings.
- Submit audit report draft timely to engagement management for review.
- Lead assignments related to development of process documentation, tests of configuration of ERP controls, tests of electronic audit evidence (EAEs), and evaluation of reports on controls at service organizations in support of Internal Controls over Financial Reporting (ICFR) framework.
- Lead audit projects (concurrently) demonstrating the ability to review staff audit work to ensure it is well organized, meets test objectives, and is in compliance with appropriate workpaper documentation standards.
- Provide proactive status updates to the IT Audit leadership, Internal Audit team, IT/process owners, and external auditors. Effectively and timely communicate project status in the audit plan, department schedule, and meetings.
- Demonstrate the ability to coach staff auditors and provide timely feedback on staff performance to the engagement manager.
- Develop and maintain productive relationships with management and Corporate Audit & Advisory team through individual contact and meetings.
- Pursue professional development opportunities, including internal and external training, utilizing membership of professional organizations and sharing information with co-workers.
- Exercise discretion in the review of records to ensure confidentiality of all matters that come to the auditor’s attention.
- Travel to domestic and foreign locations (where English may not be the first language). Up to 35%.
Additional Personal Characteristics
- Analytical, innovative, and creative thinker with strong problem-solving skills and the ability to quickly assimilate information in a complex environment with acquisitions and new systems / system conversions.
- Strong organization and follow-up skills, including the ability to handle competing priorities and meet all deadlines and commitments.
- Ability to multi-task various complex tasks on hand.
- Conscientious, conceptual, analytical and critical, with the ability to liaise with all levels within the company.
- A committed team player, eager, results-oriented, self-assured and down to earth.
- Initiative, and passion for helping to support continuous improvement and value creation in Information Technology as well as related aspects of Financial, Compliance, and Operational areas.
- 5+ years related work experience.
- Strong knowledge of audit techniques, methodologies, and best practices including around Sarbanes Oxley Section 404/302 and Internal Audit.
- Strong knowledge of Internal Audit frameworks including performing risk assessments, creating / updating control documentation, testing controls, tracking deficiencies, and recommending solutions.
- At least 2 years project management or audit experience, with one or more of the following designations, CPA/CIA/CISA/CISM required.
- Demonstrated ability to work effectively within diverse teams.
- Action oriented, sets priorities, and maintains a drive for completing assignments.
- Effective oral and written communication skills in a variety of settings and styles.
- Working knowledge of word processing, spreadsheet, and other business software applications (e.g. Microsoft products).
- Working knowledge of Sarbanes-Oxley compliance and ITIL and COBIT frameworks is preferred.
- 35% travel.
- Experience with audit tools (e.g. TeamMate), data interrogation software (e.g. IDEA) is preferred, visualization applications (e.g. Tableau, Click View, InfoZoom), user access tools [e.g. Net IQ AGS]) and SharePoint.
- Experience with the following systems and technical platforms: SAP, Oracle, Windows, UNIX, Databases and Cloud Systems including Oracle application knowledge.
- Foreign language skills.
It is the policy of CommScope to provide Equal Employment Opportunities to all individuals based on merit, qualifications and abilities. CommScope does not discriminate in employment opportunities or practices on the basis of race, color, religion, gender (including pregnancy), national origin, age or any other characteristics as protected by law. Furthermore, this contractor and subcontractor shall abide by the requirements of 41 CFR 60-300.5(a) and 41 CFR 60-741.5(a). These regulations prohibit discrimination against qualified protected veterans and qualified individuals on the basis of disability, and require affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans and qualified individuals with disabilities.
Executive / senior industry position