Rutgers,The State University of New Jersey, is seeking a Senior IT Auditor for the Department of Audit and Advisory Services. This position reports to the Audit and Advisory Services Managers, and to the Director of Audit and Advisory Services. The Senior IT Auditor position exists to provide professional, independent, and objective assurance and consulting services. The Senior IT assists OIT and units accomplish their mission and objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes, primarily as they relate to IT.
Among the key duties of this position are the following:
Designs services to add value and improve operations in units with an emphasis on IT operations that are centralized in the Office of Information Technology (OIT), distributed across the university (departments, schools, centers, etc.), and provided by third-parties (cloud services).
Plans assigned services, including acquiring knowledge of client's: organizational structure; existing applications; electronic and hardcopy information; IT infrastructure including, networks, servers, endpoints, mobile devices, operating systems, and other hardware and software, policies, practices, and procedures; personnel and assigned job duties; physical facilities and security measures; communication and information flows.
Documents the audit strategy and project activities for the assignment.
Identifies and evaluates process-level risks, existing cybersecurity measures, compliance methods, and other systems controls.
Evaluates client's control systems by identifying control strengths and weaknesses, and documenting weaknesses as possible reportable findings.
Designs tests to validate control strengths.
Communicates with the client and Audit and Advisory Services (AAS) management throughout engagement to keep them apprised of progress, observations made, and recommendations under consideration.
Drafts formal reports for review by the Audit Manager, Director, and CAE, for issuance to clients, senior management, and the Board of Governor's Committee on Audit.
Complies with established The Institute of Internal Auditors' (IIA) standards and departmental policies, and applies ISACA's good-practice framework for IT management and governance (COBIT) when performing this work.
Consults with university managers regarding risk management, control, and governance processes.
Monitors client's progress on corrective actions.
Partners with university leaders/management on committees and task forces.
Teaches internal control concepts and applications.
Manages student internship program.
Supports Audit and Advisory Services department operations.
Maintains quality and proficient services.
Minimum Education and Experience:
Requires a Bachelor's Degree in Computer Science, or Business related discipline (i.e. Accounting, Business/Public Administration, and Finance)
A minimum of five (5) years audit experience is required including at least four (4) years of IT audit experience
Must be a Certified Information Systems Auditor (CISA)
Requires a valid drivers license.
Required Knowledge, Skills, and Abilities:
Acquired advanced knowledge of computer hardware and software is also required The Senior IT Auditor must:
understand the components of sound IT risk management, control, and governance processes.
possess advanced knowledge of computer systems and cybersecurity, and IS auditing principles
know and abide by the Institute of Internal Auditors' Professional Practice Standards, and apply ISACA's good- practice framework for IT management and governance (COBIT) in his/her day-to-day work.
demonstrate a wide knowledge of IT auditing techniques.
keep abreast of breaking developments in IT and auditing literature, as well as performing research through the auditor's network of resources, for issues specifically addressing the university, especially emerging computing risks and vulnerabilities.
understand management and control model principles.
be aware of and understand the policies, rules, regulations, laws, and statutes pertaining to their engagement.
The Senior IT Auditor must:
be analytical and observant.
interpret trends, relationships, and problems from financial, statistical, and computer log data.
assess departmental operations from a procedural level, (where a system administrator may not follow a task) to a university policy level, where recommendations might be made to the Boards regarding new legislation affecting university IT governance.
be able to apply advanced cybersecurity and auditing principles in all their engagements with university clients.
choose the appropriate audit technique for use depending on the circumstances of their assignment.
be alert to conditions in systems, which demonstrate control strengths, disguise weaknesses, and present opportunities for fraud.
be able to apply project management principles to work assignments.
exhibit supervisory and teaching skills when working with student interns
have advanced writing skills to write audit reports, letters, workpapers and other service communications.
be able to help audit staff design and apply appropriate computer assisted auditing techniques.
be an excellent listener so that engagements serve clients' needs, while achieving the objectives of Audit and Advisory Services and the university.
express himself/herself clearly and professionally in all communications. Interpersonal skills are essential as this Senior meets and communicates with every level of the University community.
value frequent communications with Audit and Advisory Services management, subordinates, as well as clients.
possess advanced personal computer abilities so he/she can, or help others to, prepare reports, record project timekeeping, create spreadsheets and PowerPoint presentations, flowchart control systems, and utilize various analysis software. He/she should also be able to research the web.
have the self-discipline to progress on concurrent work assignments and tasks.
maintain confidentiality on all assignments and occasionally work under stressful conditions (i.e. investigations, politically charged issue).
make independent, professional, and supportable judgments on every assignment. Although a high -level of independence is given to this position, the incumbent must be flexible to take direction from Audit and Advisory Services management.
facilitate complex discussions on control matters.
demonstrate project management skills through completing audit assignments on, or close to, budget hours.
An advanced degree such as a Master of Business Administration (MBA) or Master of Computer Science (MCS) is preferred.
Seven (7) years' experience is preferred
Certified Internal Auditor (CIA) or other certifications as a Certified Public Accountant (CPA), or as a Certified Fraud Examiner (CFE) are beneficial.
Public presentation skills are also beneficial to this position.
Prior usage of audit management software (MKInsight, TeamMate, AuditBoard, AutoAudit, etc.) is a plus
Physical Demands and Work Environment:
Standing, sitting, walking, talking or hearing. No special vision requirements.
Office environment. Moderate noise.
Clean driving record.
Posting Number: 19ST2534
Location: Off Campus
Internal Number: 91092
About Rutgers University
Rutgers, The State University of New Jersey, is a leading national public research university and the state's preeminent, comprehensive public institution of higher education. Rutgers is dedicated to teaching that meets the highest standards of excellence; to conducting research that breaks new ground; and to turning knowledge into solutions for local, national, and global communities. As it was at our founding in 1766, the heart of our mission is preparing students to become productive members of society and good citizens of the world. Rutgers teaches across the full educational spectrum: preschool to precollege; undergraduate to graduate and postdoctoral; and continuing education for professional and personal advancement. Rutgers is New Jersey's land-grant institution and one of the nation's foremost research universities, and as such, we educate, make discoveries, serve as an engine of economic growth, and generate ideas for improving people's lives.