Risk & Security Engineer II - Cary, United States - Axelon

Description

• Working knowledge of Sarbanes-Oxley (SOX), SSAE18 SOC1 and SOC2 requirements.
• Some experience with IT process, risk and controls framework and IT General Controls (ITGC).
• 3-5 years experience in control testing (auditing).

The IT audit coordinator will work with various groups across the IT organization and serve as a facilitator to enable timely completion of audits performed by internal and external auditors.

The IT audit coordinator works with auditors and process and control owners as the point person in key audit related activities such as communication of the controls and audit objectives, coordinate audit walkthroughs, track and fulfill evidence requests to support compliance audits such as Sarbanes Oxley, SSAE 18 SOC 1 and SOC 2, and ISO The IT audit coordinator will be responsible for timely and accurate updates to management.

This position will also be involved in the documentation of control procedures, process narratives, and monitoring of audit corrective action plans.

• Work with external auditors and technology management to support the audit - coordinate walkthroughs, facilitate evidence requests, and monitor and report audit status and metrics.
• Schedule and facilitate audit walkthroughs, Information Provided by Entity requests, testing and reporting meetings for various external audit engagements.
• Lead metrics-based tracking to measure effectiveness and efficiency of accomplishing various audit objectives.
• Document and maintain process, risk and controls narratives and records.
• Collaborate with teams in Global Security Risk and Controls to efficiently obtain evidence for control testing.
• Review and deliver audit requests, submission, correspondence, findings, and results.
• Perform evidence reviews prior to delivering to auditors.
• Work closely with the project manager to develop and maintain the audit schedule, provide management updates on status of audit progress, testing, clarifications, and issues.
• Work with the audit issue management team to gather updates on audit issue remediation, assess remediation plans, report status of issues.

• A bachelor's degree from an accredited college or university with major course work in accounting, finance, IT, business administration or a closely related field (Preferred).
• 5 years of experience in IT risk and compliance (preferred), internal audit or IT risk advisory with a strong understanding of audit processes and engagements.
• Some experience with IT process, risk and controls framework and IT General Controls (ITGC).
• Solid understanding of IT auditing procedures and techniques.
• Working knowledge of Sarbanes-Oxley, SSAE18 SOC 1 and SOC2 requirements.
• Independently plan, organize, and direct an audit program under minimal supervision.

• Experience with industry standard Cyber Security and Information Technology controls and frameworks including COBIT, NIST and ISO is preferred.
• Excellent interpersonal, verbal, and written communication skills, including experience in making presentations to senior management and technical subject matter experts.
• Project management experience is desired.
• Ability to conducting training sessions on various IT audit topics.
• Experience in audit or compliance roles, SOX IT controls, SSAE 18 SOC 1 and SOC 2 reports
• Experience with Microsoft based applications such as Excel and SharePoint. Advanced excel skills such as VLOOKUP, Pivot tables and macros, is desired.