Job Requisition Number: 24989. Audit and Advisory Services assists all levels of University management in the discharge of their oversight, management and operating responsibilities by providing relevant, timely, independent assurance, advisory and investigative services using a systematic, disciplined approach to evaluate risk and improve the effectiveness of control and governance processes.
In conjunction with senior management, we develop an annual plan of audits and consultative projects based on a risk assessment and ranking methodology adopted across the UC system and augmented to address local circumstances.
The Principal IT Auditor provides independent, objective assurance and consulting services designed to review and appraise the soundness, adequacy, and application of governance, risk management, accounting, financial, operating, and administrative controls, as well as promoting a risk-based balance of cost and benefit in establishing an effective system of control. Specific areas of audit focus include, but are not limited to, IT governance, IT general controls, IT project management, IT infrastructure management, software development lifecycle, application security, emerging information security and cybersecurity risk, cloud architecture and controls related to applications hosted in the cloud, data lifecycle management, data privacy, disaster recovery and business resumption. This position will also conduct other financial, operational, and compliance audits and internal investigations as needed.
•Execute or lead complex audit, advisory, and investigation projects in accordance with professional standards •Plan the scope of the audit, develop the audit program, and determine the appropriate auditing procedures •Apply advanced auditing concepts to perform highly complex technical analysis •Develop formal written reports to communicate audit results to campus management and make recommendations as appropriate •Follow up on management action plans to ensure completion and escalate issues requiring management attention in a timely manner •Assist the Director and/or Associate Director on special projects and evaluating IT topical areas for the annual audit risk assessment •May also conduct internal investigations •Represent Audit and Advisory Services on key campus committees related to IT operational and compliance risks •Respond to requests for IT-related management consultations and advisory services •Keep abreast with latest technology developments and leverage technology, automated audit tools and data analytics to deliver insightful audit services in an effective and efficient manner•At least five years demonstrated knowledge, skills, and expertise in the specialized field of IT auditing including, but not limited to, IT governance, IT general controls, IT project management, IT infrastructure management, software development lifecycle, application security, emerging information security and cybersecurity risk, cloud architecture and controls related to applications hosted in the cloud, data lifecycle management, data privacy, disaster recovery and business resumption, and other technology risks. •Technical knowledge in cross-platform system security – particularly with regards to operating systems, databases, ERP systems, networking configuration and protocols, software and web applications, and transactional processing environments •Experience with commonly used industry and internal control frameworks such as NIST, CIS Critical Security Controls, ISO, COSO and/or COBIT •Regularly works on complex issues and technical topics with little or no campus precedent where analysis of situations or data requires an in-depth evaluation of variable factors •Possess professional expertise as well as strong analytical and technical skills to evaluate highly complex and diverse IT systems while maintaining the ability to understand and relate to the risks to the organization’s overall enterprise risk profile •Professional judgment to select audit methods, techniques and evaluation criteria •Advanced knowledge of finance, accounting, business and systems operations •Ability to present complex audit findings in a clear, concise and impactful manner for senior levels of management, both in writing and verbally •Strong interpersonal skills to independently interact with middle and senior management •Ability to work effectively, as well as independently, in a team environment •Bachelor’s degree in related area and/or equivalent experience/training •Professional certification required (CIA, CISA, CPA, CISSP, GIAC or equivalent)
The University of California was chartered in 1868 and its flagship campus - envisioned as a "City of Learning" - was established at Berkeley, on San Francisco Bay. Today the world's premier public university and a wellspring of innovation, UC Berkeley occupies a 1,232 acre campus with a sylvan 178-acre central core. From this home its academic community makes key contributions to the economic and social well-being of the Bay Area, California, and the nation.