IT Auditor II - Principal Auditor - GEN0006Q
COMPANY DESCRIPTION:
DESCRIPTION/RESPONSIBILITIES:
Functions as a highly skilled internal control consultant responsible for conducting internal information technology (IT) audits/reviews, providing risk education and project consulting services on behalf of the corporation to mitigate risk and assess the control environment of each auditable unit. Provides supervision and training for lower level IT audit staff.
* Conduct internal audits and reviews on behalf of the corporation to identify risks, document established controls to mitigate risk and assess the control environment of each auditable unit.
* Lead and coordinate audit efforts to ensure successful and timely completion of assignments.
* Communicate issues, audit results, and recommendations in a clear and concise manner to appropriate levels of operating, IT, and executive management, including activity updates to the Audit Committee of the Board of Directors.
* Meet or exceed annual goals for deliverables (audit committee reports).
* Train, educate, supervise, and assist in evaluating new and lower level IT audit staff.
* Facilitate project risk assessments and lessons learned sessions.
* Participate in divisional or departmental infrastructure projects as assigned. Maintain working knowledge of information technology pre-production (e.g. system development life cycle, change control, operating systems, applications and security) and post- production (e.g. operating systems, applications, security and data center operations) controls.
* Conduct effective and efficient IT and project audit work.
* Provides recommendations to improve the control environment. Effectively applies audit methodologies, policies, and procedures applicable to BCBSM and subsidiaries (e.g., BCN, Dentemax).
* Suggests improvements to audit methodologies, policies, and procedures to incorporate lessons learned.
* Prepare complete and accurate audit workpapers in a timely manner.
* Maintain a thorough and current understanding of project management methodologies applicable to BCBSM and subsidiaries (e.g., BCN, Dentemax).
* Maintain a thorough and current understanding of auditing principles and applications as derived from standards for the professional practice of internal and information technology auditing [i.e. Institute of Internal Auditors (COSO), the Information Systems Audit & Control Association (COBIT), and the Project Management Institute].
* Ability to develop, maintain and report against a work plan, as work progresses, given scope and objectives.
* Other duties may be assigned.
All qualified applicants will receive consideration for employment without regard to, among other grounds, race, color, religion, sex, national origin, sexual orientation, age, protected veteran status or status as an individual with a disability. *LI-AH1