Hofstra University is a nationally ranked and recognized private university in Hempstead, N.Y. that is the only school to ever host three consecutive presidential debates (2008, 2012 and 2016). At Hofstra, students get the best of both worlds. Our campus is a leafy oasis just a quick train ride away from New York City and all its cultural, recreational and professional opportunities. We offer small classes and personal attention, with the resources, technology and facilities of a large university. Students can choose from more than 160 undergraduate program options and 165 graduate program options in the liberal arts and sciences, education, health professions and human services, the Peter S. Kalikow School of Government, Public Policy and International Affairs, the Fred DeMatteis School of Engineering and Applied Science, the Frank G. Zarb School of Business, the Lawrence Herbert School of Communication, the Maurice A. Deane School of Law, the Hofstra Northwell School of Graduate Nursing and Physician Assistant Studies, and the Donald and Barbara Zucker School of Medicine at Hofstra/Northwell. Hofstra University is a dynamic community of more than 11,000 students from around the world who are dedicated to civic engagement, academic excellence and becoming leaders in their communities and their careers. Description:
The Senior IT Auditor is part of the Office of Internal Audit (IA) at Hofstra University reporting directly to the Director of IA. IA’s mission is to provide value added services, which identify risks, propose mitigation strategies, and promote a robust internal control environment. The Senior IT Auditor is a key individual contributor to the department, responsible for the systematic and objective verification, analysis and appraisal of the University’s information technology and systems and controls. The position is responsible for executing audits from the planning phase through the reporting phase of the audit process. In addition to appropriate education, experience, and industry licenses/certifications, the ideal candidate will have effective oral and written communication skills, interpersonal skills and analytical/problem solving ability to collaborate among audit team members and audit “clients” to successfully complete audits/projects. Further, this position will assist the Director in the promotion of internal controls throughout Hofstra University.
Characteristic Duties and Responsibilities include but are not limited to:
• Conducts audits of controls including but not limited to data security, systems development, change management, logical access, security policy implementation, device and server configuration, cloud and vendor management, computer operations, and data recovery. • Plans audits to identify and evaluate key information technology risks and controls. Independently develops and completes IT risk assessments, audit scopes, audit programs, tests of controls, data analyses, and strategies for the execution of audits. • Performs independent audit fieldwork within budget and in accordance with the Internal Audit Department standards. Strives to maximize the effectiveness and efficiency of the audit process. • Adequately documents audit work (narratives, process flows, etc.) to capture procedures performed, support conclusions reached, and identify internal controls and control weaknesses. • Consistently delivers clear and concise work papers, status updates, and audit reports, requiring minimal edits. Writes clear and actionable audit findings and reports. • Provides effective and timely communications internal and externally. • Utilizes data analytics to enhance risk identification and quantification, and to provide valuable business intelligence to management. • Ability to perform and provide training and support to audit staff in planning and applying computer-assisted audit techniques using data analytics software (e.g., IDEA). • Shares expert IT knowledge and guidance with other audit team members. • Participates in and enhances the IT audit-universe risk analysis, in order to contribute to the annual audit plan. Identifies emerging IT risks and researches areas of exposure. • Engages in management requested and/or consulting projects and provides advisory services to management on process redesign, major system initiatives, control framework, etc. • Reviews findings with University "clients", partners with client management to develop suitable action plans to address audit issues and communicate in a way that gains their acceptance of proposed changes and promotes professional rapport. • Builds strong relationships with key stakeholders, senior leadership, and other key leaders. Serves as a trusted advisor. • Develops and make presentations to the University community concerning IT risks and controls. • Follows-up on findings and recommendations to ensure appropriate corrective actions are taken. • Contributes to the overall effectiveness, efficiency and value of the Internal Audit Department [audit process and office administration] by recommending and developing innovative approaches and solutions. • Independently and proactively identifies and pursues professional development opportunities to maintain current knowledge of new developments in IT and internal auditing fields as applicable to the University. • Performs miscellaneous job-related duties as assigned.
• Bachelor's degree required. Information Systems, Computer Science, or related field and six years relevant experience in IT auditing or related field or equivalent combination of education and experience. • Audit project management experience with proficiency in the following areas: information systems and technology; information security in computer network environments; cyber security; business continuity and disaster recovery. • One or more relevant professional certifications ( e.g., CISA, CISSP, CIA, CISM, CPA, CFE). • Experience in the preparation and analysis of data through computer-aided audit tools (e.g., IDEA, Excel spreadsheets, or other database tools). • Experience applying COSO, COBIT, ITIL, ISO, NIST, and other leading business and IT control and/or security frameworks. • Possesses adequate knowledge of a wide variety of computing environments and technologies: Network architecture, Network components, Operating systems, Servers and associated relational database management systems. • Experience with privacy and security standards including HIPAA, FERPA, GLBA and PCI. • Knowledge of Higher Ed and experience performing operational audits in related areas would be a plus. • Effective oral and written communication skills, interpersonal skills and analytical/problem solving ability. Ability to make effective presentations to groups. • Project management skills to prioritize and work on multiple concurrent projects. Flexibility and the ability to change priorities quickly and capacity to handle multiple tasks. • Demonstrates self-motivation, initiative, and broad thinking. Is inquisitive and exhibits professional curiosity; does not accept “surface” answers and recognizes the need to pursue a line of inquiry further.
For consideration, please send your resume and cover letter with salary requirements to [email protected] Please indicate “Senior IT Auditor” in the subject line.