About Northeastern: Founded in 1898, Northeastern is a global research university and a world leader in experiential learning. The same commitment to connecting with the world drives our use-inspired research enterprise. The university offers a comprehensive range of undergraduate and graduate programs leading to degrees through the doctorate in nine colleges and schools. Our campuses in Charlotte, N.C., San Francisco, Seattle, and Toronto are regional platforms for undergraduate and graduate learning and collaborative research. Northeastern pursues advanced research in security and materials at the Innovation Campus in Burlington, Massachusetts, and in coastal sustainability at the Marine Science Center in Nahant, Massachusetts.
About the Opportunity: Northeastern University's Audit & Advisory Services is seeking a motivated and talented individual to join our team as a Senior IT Auditor. This is an exciting opportunity to join our team that works collaboratively throughout the University as a trusted partner. Working in a strong and established team and reporting to the Director, the Senior IT Auditor will undertake a range of challenging audit work including executing audits from the annual audit plan, advisory projects, leading audit client engagements, owning data analytics (e.g. Power BI, Tableau, etc.), and developing a robust IT audit program. The Senior IT Auditor will be familiar with new areas of focus for technology audits: robotic process automation, machine learning and artificial intelligence, while continuous monitoring/auditing continues to evolve.
The ideal candidate will learn the business from the inside and gain broad exposure to a variety of IT systems and professionals working in software development, information and network security, change management, access control, IT infrastructure, server virtualization, cloud computing and other key areas of this growing department. You will have the opportunity to help facilitate positive change by examining business processes and recommending areas for improvement within the University. Your experience will not be limited to auditing IT systems. Our cross-functional approach enables collaboration between IT, Financial, and Operational audit teams. There will be significant exposure to senior management throughout the organization.
The Senior IT Auditor:
Provides professional audit work, individually or as a team leader, in conducting reviews of assigned organizational activities in accordance with the IIA and department standards
Plans and executes information technology (IT) audit projects designed to provide assessment of internal control processes and operational performance
Demonstrates and apply a thorough understanding of complex information systems
Prepares detailed plans for performing individual audits including the identification of key risks and controls, determination of audit objectives, and development of an appropriate audit program. Uses knowledge of the current IT environment and industry IT trends to identify potential issues and risks
Under minimal supervision, develops clear and concise audit work papers to support findings and recommendations, and writing clear and concise reports for management
Identifies potential audit areas, assists with assessing the degree of inherent risk, and estimating the time and skills required to complete audit projects. Contribute to the development of the IT audit plan based upon risk assessment, management's goals and objectives, and the requirements of the Audit & Risk Committee
Performs or assists in the performance of special projects or studies, including risk assessments, fraud investigations, audit department policy updates, due diligence acquisition reviews.
Participates in reviews of internal controls and security of systems under development as well as major IT projects and initiatives
Works with the external auditors as deemed necessary.
The Senior IT Auditor needs to produce timely and accurately completed audit work with properly supported results and conclusions and audit recommendations are well thought out and workable. The auditor should have a strong desire to put the auditee first with the goal of adding value to their processes; and remain a support to the auditee without compromising audit independence.
Responsibilities: IT Audits:
Execute the IT audit plan including reviews of system development, program changes, operating systems, databases, applications software, data security, computer operations, network security, business continuity, and disaster recovery.
Develop and incorporate security vulnerability assessments during audit reviews.
During the course of an audit, identify audit objectives, develop audit programs, perform audit testing, and manage audit workpapers in accordance with professional standards for the practice of internal auditing
Facilitate the communication of audit results through written reports and oral presentation to management.
Perform pre-implementation reviews for new or modified application systems to assess data integrity and security controls
Develop and maintain relationships with Information Technology Services management
Automation of Data Analysis Procedures
Ownership of data analytics procedures using Microsoft Excel, PowerBI and other tools (e.g. Tableau) for automating and performing routine operational and financial audit tasks. Seek ways increase use of data analytics and robotics process automation
Non IT Audit, Consulting and Special Projects
Perform integrated and operational audit as necessary to carry out the annual audit plan
Under the supervision of audit management, perform consulting engagements and investigations as assigned. Contribute to University wide initiatives as necessary.
Seek ways to develop self professionally through attendance at seminars, in-house training sessions, professional exams/certification, and self-study in order to remain informed of current developments in IT auditing, maintain technical competence and proficiency from the standpoint of evaluating University operations and controls.
Attend training and carry forward information gathered into executing the audit plan.
Bachelor's degree in Management Information Systems, Information Security/Assurance, Computer Science, or a related discipline.
Minimum of three to five years' experience in IT auditing, IT risk & compliance, and\or information security.
Familiar with audit management tools\solutions
Working knowledge of security and technology frameworks (e.g. NIST, COBIT).
Strong data analytical skills. Advanced knowledge of MS Excel is required.
Related professional certification (CISA or CITP is required; CISSP, CISM or other applicable certification is a plus)
Proven ability to work effectively on multiple projects at the same time, and learn complex technical concepts.
Excellent interpersonal, oral and written communication skills with strong analytical ability.
High professional standards with the ability to handle confidential information and work with a diverse population.
Preferred Qualifications: Master's degree is a plus.
Higher education experience is a plus.
Salary Grade: 12
Additional Information: Northeastern University is an equal opportunity employer, seeking to recruit and support a broadly diverse community of faculty and staff. Northeastern values and celebrates diversity in all its forms and strives to foster an inclusive culture built on respect that affirms inter-group relations and builds cohesion.
All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.
Founded in 1898, Northeastern University is a private research university located in the heart of Boston. Northeastern is a leader in worldwide experiential learning, urban engagement, and interdisciplinary research that meets global and societal needs. Our broad mix of experience-based education programs?our signature cooperative education program, as well as student research, service learning, and global learning?build the connections that enable students to transform their lives. The University offers a comprehensive range of undergraduate and graduate programs leading to degrees through the doctorate in nine colleges and schools.