Auditor Technology III
Service Corporation International
- Houston, TX
- Permanent
- Full-time
- Performs standard to technical/complex audits on information systems, platforms and operating procedures as directed.
- Evaluates IT infrastructure in terms of risk to the organization and establishes controls to mitigate loss.
- Determines and recommends improvements in current risk management controls and implementation of system changes or upgrades.
- Leads and provides guidance to the IT Auditor(s).
- Strong analytical, writing skills, and oral communication, including presentation and negotiation skills in dealing with all levels of management and third party
- Experience evaluating and applying IT, cybersecurity, audit, and risk management concepts within a regulatory framework
- Understand technology-related risks and assess company IT general controls and application controls embedded in automated processes
- Performs IT general control activities including:
- Risk assessment and scoping;
- Control design evaluation and review;
- Assembling data and information requests;
- Testing of operating effectiveness;
- Control documentation;
- Formulate remediation solutions to mitigate risk; and
- Reporting and communicating results.
- Assembles status and other analyses required to test compliance with SOX 404 and other compliance topics; includes SOC report reviews, Summary of Aggregated Deficiencies (SAD) reporting, and framework analysis.
- Documents audit findings and writes reports.
- Advanced knowledge in IT audit, information security, risk management, end point and server technologies, network management/architecture, firewall, intrusion detection and prevention systems, vulnerability/pen testing management, audit, and patch management systems
- Assesses and analyzes IT governance, cyber risk management, technology security controls assessments/audits
- Educate control owners on internal compliance requirements and provide consultation on IT security control issues
- Knowledge of standard IT auditing concepts, practices, procedures, and frameworks (e.g., COBIT, COSO, NIST, etc.)
- Good understanding of technology, information risk concepts, and audit documentation
- Good understanding and practical application of the professional standards governing the audit process and function
- Able to maintain composure and perform/deliver under pressure
- Detail-oriented and strong organizational skills
- Exceptional verbal and written communication skills, along with strong analytical abilities
- Proficient with Microsoft Office suite of products (e.g., Word, Excel, Access, PowerPoint, etc.)
- Familiar with auditing software tools (e.g., Archer, TeamMate, etc.)
- Familiar with data analytics tools (e.g. Microsoft Power BI, ACL, IDEA, etc.)
- Familiar with SEQUEL (SQL)
- Self-motivated, results oriented professional
- Acts within and upholds the SCI Code of Conduct and demonstrates corporate values
- Is trusted by others; keeps commitments to others
- Demonstrates initiative to learn new concepts and apply them at work
- Comes up with new ways to look at problems and processes in their work
- Accepts feedback and uses it to improve performance with guidance
- Accepts new or difficult assignments
- Focuses on setting and achieving challenging goals that align with business objectives
- Partners with manager to determine suitable goals and metrics
- Manages own time to ensure work is completed efficiently
- Works productively with minimal supervision; achieves work objectives in a timely manner
- Works to resolve routine problems promptly and effectively
- Conveys facts and information clearly in written and spoken communications
- Shares viewpoints and information openly and listens attentively to others’ ideas and suggestions
- Communicates in a timely and effective manner with manager and team
- Strong interpersonal and communication skills, including the ability to interact with all levels of management
- Leverages respective technologies in role
- Seeks new ways to use technology at work
- Proactively contributes to group objectives; volunteers to help others as needed
- Welcomes ideas and input from others
- Relates to others in open and helpful manner; consistently treats others with respect
- Maintains composure in challenging situations
- Bachelor’s degree in Business or Science (preferably Management Information Systems, Accounting, Computer Science, or business-related concentration; advanced degree a plus)
- Professional certification preferred or currently working towards professional certification (CISA, CISM, CISSP, CRISC, CIA, or Cloud Certification)
- A minimum of four (4) years of IT auditing experience, information technology, and consulting
- Public accounting and large industry experience preferred
- Work indoors during all seasons and weather conditions
- Professional dress is required
- Limited amount of local and/or multiple location traveling required (ability to travel up to 10%)
- Sitting continuously for many hours per day, up to 6-8 hours per day
- Physical effort requiring manual dexterity is required, includes paperwork, calculators, computers and phone usage
- Working beyond “standard” hours as the need arises