A premier client of ON-3 has engaged us in the search for a full-time Senior IT Auditor responsible for performing various financial, process, regulatory, and technology audits. The IT Auditor reports directly to the Director of Information Technology, Audit and Enterprise Risk Management, and supports the compliance activities of the Department as well as Systems and Organization Controls (SOC) reviews, and other external audit assignments. They will also serve as a primary liaison to the Risk Management Organization of the parent company in coordinating and supporting reviews and other special projects.
Audit of Financial, Process, and Systems Activities:
- Conducts, leads, and reviews work related to all aspects of the audit process, including engagement planning, risk assessments, work plan coordination, risk, control identification, preparation of audit programs, and testing and analysis of results.
- Responsible for obtaining an in-depth understanding of financial, operational, and IT functions. This includes the identification and assessment of risks and identifying possible manners to assess the appropriate design and operating effectiveness of regulatory risk controls.
- Prepares and reviews documentation (work papers) and ensures that items are filed per related standards to support the assigned audit engagement. Ensures that conclusions are appropriate and documented within the work papers. Supports and facilitates the generation of reports to Management with limited to minimal rework required.
- Raises and discusses audit observations with the applicable business owners and reaches consensus. Complies and prepares complete, detailed reports on audits and related recommendations for corrective action where identified control weaknesses exist or where established methods and procedures are not being followed adequately. Works with Management to evaluate submitted responses to audit observations and works with appropriate staff to determine acceptability. Independently performs follow-up, as required, to determine that corrective action has been taken.
- Actively support continued development and stewardship of the department's audit methodology/framework, build the annual audit plan, and recommend enhancements in line with recognized and Institute of Internal Auditors standards and practices.
- Engage with staff from the Corporate parent and support the sharing and disseminating information to the rest of the Audit organization.
Compliance, Privacy, and Enterprise Risk Management Support:
- Work with the Compliance department to perform various targeted reviews and activities related to the compliance program and Enterprise Risk Management responsibilities.
- Facilitation and maintenance of the Enterprise Risk Management (ERM) program, including Facilitation of Risk Oversight Committee, working with staff to raise and identify risks that impact the organization, documenting risk and related strengths, weaknesses, opportunities, and threats, and participating and supporting the parent company ERM program.
- Support the evaluation and effective oversight of the Compliance and HIPAA Security/Privacy programs.
SOC and External Audit activities:
- Support the organization in the performance of its SOC related work (SOC 2).
- Understand the respective standards and their application to both the Operational and IT areas of the organization.
- Support the assignment, tracking, review, and sufficiency of materials. This includes review of materials prior to being provided to external auditors to ensure quality and accuracy. Identified deviations are escalated and reviewed with the respective business areas before submission.
- Conducts projects or performs research and related documentation as requested by the Director.
- Provides guidance or backup on various teams.
- Provides support and leadership to co-workers and assistance to external auditors.
- Maintains and improves supervisory and technical proficiencies through continuing education, professional publications, and training seminars.
- Engages in or supports Risk Management activities or functions as requested (ERM, Risk Assessments, or other requested activities).
Required Skills, Knowledge, and Experience
- Bachelor's Degree with a concentration in Accounting, Finance, or Computer Science.
- At least four years' experience as Auditor/ Assessor.
- Certification as a Certified Public Account (CPA), Internal Auditor (CIA), or Certified Information Systems Auditor (CISA). NOTE: May be substituted with documented 7+ years of services and appropriate work experience.
- Experience and working knowledge of auditing techniques and accounting and control procedures.
- Demonstrated Ability to perform independent, detailed, and technical test work with a high degree of competence and in line with professional standards and project objectives.
- Demonstrated ability to lead a team of other professional and /or remote staff. Including experience in overseeing and reviewing activities in line with professional standards and project objectives.
Additional Skills, Knowledge, and Experience
- Knowledge of Dental and/or Health Payor operations and related business practices.
- General technical understanding and work experience in support of financial processes claim based organizations, and IT General Controls reviews, and System Organization Control (SOC) attestations.
- Familiarity with and Ability to read and interpret various regulations, standards, and types of technical resources to support the review of CMS and other business regulations that support the company's operations, HIPAA, NIST frameworks, and IT General Controls.
- Experience/exposure to SOX-404 or the NAIC AFRMR.
- Experience speaking to diverse groups, including senior-level Management and organizational staff, and maintaining effective working relationships.
- Documenting work papers in electronic tools such as CCH TeamMate Audit Management System.
- Applying IT audit methodologies to analyze large datasets.
- Public Accounting experience and/or existing internal audit, Big four preferred.
· Ability to make monthly trips by car to the corporate headquarters to discuss ongoing compliance and audit matters is required.
Why Work Here?At ON-3, we are Employment Consultants and assist you by presenting you to our direct clients by proactively working with you to ensure you are successful. We working personally with you on the presentation of your strengths to our clients Ideal Needs increasing your opportunity to directly interview with them. ON-3 and our clients are Equal Opportunity Employers (EOE).
ON-3 is an Employment Search Consultancy. We work with our clients by identifying and recruiting professional talent for their employment.