Lead IT Auditor

Basic Function

The Lead IT Auditor role is an experienced position intended to utilize audit principles, skills, and techniques to evaluate the adequacy of Information Technology (IT) internal controls and processes in both design and application.  Depending on the experience and qualification of the candidate, this position is expected to support or lead audits of medium to high complexity with minimal to zero direction of the audit manager.  

The Lead IT Auditor is responsible for leading and/or performing audits in the following areas – 

• Application, data platform and infrastructure audits
• Implementation reviews
• System penetration testing
• Application control reviews  
• Emerging IT technologies and risks   

The Lead IT Auditor may also be responsible for performing and/or assisting in corporate investigations, ad-hoc special projects, Sarbanes-Oxley 404 compliance activities and demonstrating the ability to function on an increasingly independent basis. The Lead IT Auditor is also expected to identify, initiate and implement process improvements. The Auditor should be self-motivated, work with a sense of urgency, support multiple priorities, meet deadlines and execute audits that meets or exceeds the quality sets by Institute of Internal Audit Standards. Successful candidates should be highly self-sufficient, knowledgeable to make decisions and serve as a resource for other auditors. While primarily based in Houston, team members will participate in audit assignments across our global Company. Travel to both domestic and international locations averages about 10% - 20% a year.  International trips range from two to three weeks. The position may require overtime at various times.  The Lead IT Auditor should also possess effective communication and interpersonal skills that are at a quality that is essential to build a professional rapport with first line operating and supervisory personnel and with higher-level management.  

Roles & Responsibilities

• Coordinate and effectively communicate with a diversified customer base that includes many different audit areas and processes within the company.
• Liaise with IT business staff to ensure full understanding of data flow, security policies and procedures, data integrity, physical and logical system security.
• Lead in audits related to IT process, infrastructure, ITGC (Information Technology General Controls), and pre and post implementation reviews in accordance with accepted professional standards. Duties include initial audit planning, setting objectives based on business and technical risks, coordination with auditee, workpaper review, evaluation, and reporting for audits.  
• Optimize audit team resources to ensure successful completion of audits.
• Lead initiatives for continuous improvement in the effectiveness of the audit process.
• Provide input into the annual IT audit risk assessment and development of the annual audit plan.
• Interact effectively with associates, mid-level management, and other personnel within the organization at all times. Continually demonstrate poise, self-confidence, tact, and maturity in contacts with other employees in the company.  
• Identify best practices from other functions internal/external to the company and generate recommendations for improvements to reduce costs, increase efficiency, and/or effectiveness.
• Recognize and understand audit concerns of auditees and work together to a mutual resolution while maintaining independence.
• Serve as the role model and mentor less experienced staff on professional and personal standards of performance.  Mentor on IT-related processes and business drivers.  
• Give and receive feedback to peers and subordinates appropriately.

Min. Qualifications

• Bachelor degree is required, with a major in Information Systems, Computer Science, Accounting, Finance, or other related business degree.
• Proven ability to independently evaluate controls over IT, business and financial processes.
• Typical years of relevant business experience with at least three years of IT auditing or related assessment.  Big 4 experience is a plus.
• Lead IT Auditor – four to eight years experience.
• Knowledge in IT, operational, financial and audit processes as well as interdependencies among the processes.
• Knowledge in Audit and IT related standards/framework:
• International Standards for the Professional Practice of Internal Auditing (Standards).
• COBIT (Control Objectives for Information and Related Technologies). 
• Standards for security controls for information systems.
• ISO/IEC 27000 - Information Security Management Systems.
• NIST Standards and Framework. 
• Effective communication skills, including written, verbal and presentation skills that are clear, concise, and executed in an organized manner.
• Keenness and efficient in understanding and dealing with business and IT situations (business acumen).
• Proficient with Microsoft Office, PowerBI or other analytics tools to research and analyze data.

Preferred Qualifications

• Advanced degree and/or professional certification such as CISA, CISSP, CISM, CFE, CIA or other is preferred.
• SAP experience is a plus.

#LI-Hybrid

#LI-RC1

Competencies