Conduct internal audit activities within the organization, including providing independent, objective assurance and consulting activity designed to add value and improve the organization's operations. Internal audit is intended to assist the organization in accomplishing its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Internal Audit is accountable for developing and implementing a risk-based internal audit plan, assisting management in complying with applicable internal control policies and regulations, and working with management to bring cost effective and efficient leading practices. Internal Audit has the authority to perform internal audit and consultative services, have access to necessary data when requested, obtain assistance of Authority personnel as needed. Activities may include audits of financial, operational, IT, compliance/regulatory, or strategic business functions and related risks and controls. May also include execution of special investigations/audits involving cases of fraud, waste, and abuse and/or ethical/regulatory complaints. Operate as ambassador and champion of the Internal Audit vision and strategy by demonstrating support and actively communicating with the audit team and the business.
Supervise high quality, professional day-to-day planning, scheduling, execution, and reporting of IT internal audit engagements including audits of, networks, security, internet/intranet infrastructure, system implementations and IT general controls.
Manage projects within established timelines and budgets; supervise the entire audit engagement lifecycle from planning through reporting working with Auditors and Senior Auditors as applicable.
Manage day-to-day engagement operations, including preparing concise, accurate documents and balancing project economics with the occurrence of unanticipated issues, demonstrating flexibility in prioritizing and completing tasks and communicating potential conflicts to Director Internal Audit - Technology and the SVP Internal Audit.
Supervise the evaluation of key risks and internal controls, review and approve audit programs/risk and control matrices, evaluate and approve benchmarking of financial and operational processes and controls, and evaluate opportunities for efficiencies/performance improvement based on leading practice; work with Director Internal Audit and the SVP Internal Audit to communicate findings/recommendations to senior management and client personnel.
Knowledge, Skills, and Abilities
The level of job complexity is advanced; must be able to supervise complex audits, which may be in process simultaneously and complete audits on time and within budget.
Demonstrated integrity, values, principles and work ethic.
Excellent knowledge of Information Systems auditing concepts and techniques with ability to apply to specific audit assignments.
Excellent working knowledge of COBIT, NIST, ITIL.
Excellent understanding of IT general controls.
In depth working knowledge of relevant auditing concepts and techniques and thoroughly familiar with COSO, IIA Standards.
In depth working knowledge of GAAP, GAGAS, FERC, NERC, FASB.
Strong understanding of Internal Audit functions and operations.
Understanding of the electric utility industry.
Ability to supervise the identification and articulation of key risks and controls in a process and sub process and to devise and execute audit steps for a variety of audits.
Ability to plan, organize, control and execute large complex audits while maintaining cordial and professional relationships with clients.
Knowledge and application of audit concepts and techniques relative to assigned area of responsibility.
Excellent written and oral communication skills; requires critical thinking and analytical ability in accumulating and interpreting large amounts of data and information to identify audit issues and develop. practical cost effective solutions.
Excellent planning and organization skills to administer audits and maintain adherence to audit plan; will encompass supervision of multiple audits concurrently.
Supervise multiple senior auditors and auditors on audit engagements; ability to develop auditors and seniors and maintain their motivation while ensuring quality of work.
Exhibits a professional attitude and work ethic and has ability to interface effectively with peers and clients.
Advanced understanding of sampling strategies and confidence levels and use of data analytics.
Deep skills in execution of project management techniques and engagement closure.
Excellent negotiation skills
Demonstrated ability to thrive in a dynamic, fast-paced environment and manage multiple projects/resources simultaneously.
High standard of ethics and professionalism.
Strong interpersonal, written, and verbal communication skills.
Excellent knowledge and experience with auditing tools such Microsoft Office Products such as, Word, Excel, PowerPoint, SharePoint, Access and Visio.
Education, Experience and Certifications
Bachelor degree in MIS, Accounting, Finance, Business, or equivalent discipline.
Minimum seven years of Information Systems Technology audit experience preferable from a combination of Big 4 organization and/or major corporation; minimum three years in a supervisory position, supervising multiple, complex audits.
CISA or CISSP designation required, MBA, CPA or CIA, CISM, CGEIT, ITIL designation a plus.
Experience auditing some of the following: SAP, Windows, UNIX, Oracle, SQL, LANs, WANs, Internet/Firewalls, Network Security and Infrastructure, Cybersecurity.
Experience performing audits of business applications and conducting application reviews and system implementation audits.
Working knowledge and experience with auditing tools such as IDEA, Audit Control Language (ACL) and Tableau preferable.