• Attend meetings with auditees to develop an understanding of business processes.
• Perform walkthroughs to gain a better understanding of the in-scope systems under review.
• Document understanding of business processes in memos or flow charts.
• Responsible for documenting the control narratives obtained from the walkthroughs with the control owners, describing the current IT environment.
• Perform ITGC testing of financial transactions, processes, or controls based on the audit program.
• Prepare audit findings memo and work with the engagement manager on recommendations.
• Interact effectively with co-workers at all levels to foster and maintain strong working relationships.
• Perform other job duties as assigned by management.
• Evaluate processes to determine adequacy of controls, compliance with policies and procedures, and comparison to leading practices.
• Perform specific audit procedures, tests and analyses, including those that support requirements regarding Sarbanes-Oxley compliance.
• Prepare comprehensive written and oral audit reports detailing the results of the audit.
• Assist in the development of an audit program for the testing of IT controls across various platforms and application environments.
• Conduct periodic Risk Assessments (e.g., NIST, ISO, etc.) throughout the IT organization.

Skills: IT Audit, Process Analysis, Controls Evaluation, ITGC Testing, Audit Reporting, SOX Compliance, Stakeholder Relations, Risk Assessment

• Conduct centralized testing of global IT general controls for Sarbanes-Oxley compliance, in coordination with the SOX Compliance team.
• Provide centralized independent testing of key enterprise IT applications.
• Develop, execute, and document audit tests in accordance with Audit Services policies and procedures.
• Identify risk, weaknesses and improvement opportunities in an application, database, operating system, network, or IT process and identify the root causes to provide meaningful recommendations.
• Assist in the creation of audit issues documentation to be distributed to senior management.
• Assist with the coordination of issue closure processes for global IT applications/infrastructure.
• Perform general and application control reviews for simple to complex computer information systems.
• Consult and advise on operational issues related to information technology.
• Consult with IT clients to redesign/re-engineer processes.
• Identify opportunities for increasing operational efficiencies and strengthening internal controls.
• Interface with external auditors to provide information and documentation to support the integrated audit.
• Maintain adequate and current technical knowledge in such areas as IT general controls, automated controls, interfaces and integrations, IT dependencies, business process controls, and other areas.
• Clearly articulate and prepare audit reports and findings in a concise manner.

Skills: ITGC Testing, SOX Compliance, Audit Execution, Risk Identification, Issue Management, Control Reviews, Process Improvement, Technical Expertise

• Responsible for all aspects of services (i.e., plan, execute and report).
• Lead account planning and management activities to identify client needs and service opportunities in the areas of assurance, advisory, risk and compliance.
• Own the growth and service delivery of engagements and work closely with each client.
• Coordinate efforts on engagements to include, but not limited to, SSAE 18 Examinations, PCI DSS Assessments, and HITRUST CSF Assessments.
• Supervise and complete a detailed review of work performed by staff audit consultants.
• Work with each client to execute engagements, with a focus on leveraging industry and functional insights from the advisory business to bring greater value to the client.
• Design, execute, and maintain high-quality, integrated and efficient audit procedures.
• Assist in building audit methodology, working paper guidelines, quality review standards, and communication protocols.
• Develop audit programs and procedures to establish the Audit processes.
• Streamline control testing to ensure effective and efficient operations.
• Coach and train staff audit consultants to ensure quality.

Skills: Service Management, Client Relations, Engagement Delivery, Compliance Assessments, Team Supervision, Audit Design, Process Optimization, Staff Development

• Support the Army General Fund Enterprise Business System in managing Army IT Audit, Audit Readiness, Internal Assessments, and identifying areas for improvement.
• Position will require knowledge/experience with FISCAM, SSAE 18 (SOC 1), and other attestation engagements.
• Manage efforts related to the Program’s SOC-1 Type II attestation, Oversight audit efforts, and Financial Statement Audit efforts.
• Coordinate audit preparation activities such as mock walkthroughs, process cycle memos, documentation review, etc.
• Review, document, evaluate and test application controls, particularly automated controls, on a wide range of ERP systems and software applications across a wide variety of client business processes.
• Identify internal IT controls, assessing their design and operational effectiveness, determining risk exposures and developing remediation plans and determining the technical and business impact of identified security and control issues and providing remediation guidance to clients.
• Consult with Client leadership on the design and optimization of controls utilizing a general knowledge of business processes, accounting, and information technologies.
• Consult with Client leadership on strategic plans and other business matters, helping clients to anticipate emerging risks.
• Develop and stand up a strategy to perform an internal assessment of controls.
• Work with other Army organizations to support audit readiness engagements, synergizing with efforts.
• Assist in developing and executing short and long-term plans to achieve “Audit Readiness”.
• Identify and execute on enterprise-wide strategies.
• Communicate findings and recommendations to client personnel and Army Leadership (GS-15/SES level).
• Lead the internal review of Client-developed Corrective Action Plans (CAP) related to audit or other examination findings.
• Coordinate/manage the status of audit-related deliverables, documentation requests, meeting requests, concurrence on issues, and follow-up discussions.

Skills: Audit Readiness, IT Controls, Risk Management, Compliance Auditing, ERP Systems, Client Consulting, Strategic Planning, Process Improvement

• Plan and perform internal audit assignments according to the Company’s approved audit plan.
• Conduct risk assessment, audit planning, audit testing, control evaluation, etc.
• Provide audit finding reports, follow-up, and verifications.
• Develop and monitor cybersecurity development initiatives through the design and performance of a continuous risk assessment methodology.
• Maintain good relationships with key stakeholders of businesses.
• Ensure the key risks in the Group are adequately addressed and facilitate improvements in its control environment.
• Perform ad hoc tasks assigned by senior management.
• Assist and support the Senior Audit Team to develop audit plans, including risk assessments and engagement with key stakeholders, to shape the IT audit plan.
• Use expertise to support and contribute to typical deliveries, such as design reviews, making sure the business adheres to security policies and frameworks.
• Plan and scope IT audit reviews, including meeting key stakeholders, drafting and agreeing on audit Terms of Reference.
• Carry out an IT audit and work across all business areas, as well as 3rd party vendors, to assess information security risk exposure.
• Work alongside Senior IT Auditors and Information Security consultants who are subject matter experts within the consultancy globally and use this expertise.
• Build credibility with clients, work with ISO27001, NIST, COBIT and ITGCs.

Skills: Internal Auditing, Risk Assessment, Cybersecurity Oversight, Control Evaluation, Stakeholder Management, IT Audit Planning, Information Security, Compliance Frameworks

• Experience in public accounting, auditing, corporate, or non-profit data or security roles, with at least seven total years of experience in IT.
• IT Control Compliance testing experience (software development testing or QA testing will not be considered equivalent).
• Must have rich critical thinking skills.
• Able to enjoy challenges and can persevere.
• Understanding of how to analyze organizations’ processes and IT systems.
• In-depth understanding of internal controls, including business processes, applications, and IT controls.
• Experience auditing IT processes and IT systems against regulations, standards and best practices.
• Skill in evaluating processes, risks and controls.
• Highly effective verbal and written communication skills.

Qualifications: BS in Information Systems with 8 years of Experience

• Strong time management and organizational skills.
• Solid analytical skills and attention to detail.
• Comfort with asking questions to get answers.
• Ability to make progress in ill-defined and unclear projects.
• Ability to take direction and apply it to different situations.
• Passion and commitment to providing quality client service.
• Must have reliable transportation and the ability to commute to client locations.
• Must have IT audit, risk, or security certification.
• IT Audit and SOX or JSOX experience.

Qualifications: BA in Accounting with 4 years of Experience

• Must have one or more relevant certifications in the area of audit, information security and/or compliance.
• Must have certifications include CPA, CIA, CISA, and/or CISSP.
• Experience within the Banking, Consumer Lending, and/or Loan Servicing industry.
• Strong knowledge of internal audit processes.
• Must have a strong understanding of audit principles and techniques and vast experience in financial regulatory compliance, including data security.
• Experience in the areas of risk assessment, risk management, audit, information security, and/or regulatory compliance.
• Understanding and experience in complying with financial consumer protection laws.
• Strong communication skills (interpersonal, verbal and written).
• Able to provide customer satisfaction-oriented service.
• Must be currently eligible to work in the USA without sponsorship.
• Must consent to, and successfully clear all required pre-employment screenings.

Qualifications: BS in Cybersecurity with 8 years of Experience

• Understanding of IT Controls and how to frame the approach for an audit from an audit perspective rather than a developer perspective.
• Ability to read Java code.
• Must have data analysis skills and the ability to use SQL for working with large data sets.
• Strong Business and Functional Analysis skills.
• Experience documenting system workflows and data mapping.
• Strong communication skills, particularly in producing clear and concise documentation.
• Must have prior IT Audit experience.
• Must have AML/Trade surveillance, general trading systems knowledge.

Qualifications: BA in Business Administration with 6 years of Experience

• Must have IT Internal Audit Certification (CISA, CISM).
• Experience with IT Audit, IT Security, or Internal Audit gained in a professional practice or corporate environment.
• Experience with internal control environments within the IT function and technology risks and controls relevant to a complex corporate IT environment.
• Understanding and experience with financial systems and processes, and ideally, the risk and control activities.
• Understanding and experience with auditing ERP systems, preferably SAP.
• Able to demonstrate and apply a detailed and thorough understanding of standards, regulations and information systems.
• Able to demonstrate and apply strong project management skills, maintaining the culture of teamwork, the project timelines and quality of deliverables.
• Demonstrated confidentiality and integrity within a professional environment.
• Able to leadership to lead the engagement team to ensure quality wallpapers and deliverables, provide regular status updates, and adhere to a project timeline.

Qualifications: BS in Network Engineering with 7 years of Experience