Senior IT Audit Advisor, Information and Technology Full-time Job
Nov 29th, 2023 at 05:18 IT Manager Montréal 132 views Reference: 8Job Details
The Senior Audit Advisor, Information and Technology (I&T)is responsible for assisting the Internal Audit team in accomplishing its objectives by bringing a systematic and focused approach to evaluate and improve the effectiveness of CN’s governance, risk management, and internal control.
Main Responsibilities
· Lead I&T and special audit projects to mitigate the company's information, cyber and operational technology risks
· Plan and develop audit programs and perform audit projects based on a risk assessment approach
· Evaluate system risks, controls, and residual exposure for existing systems and processes
· Identify opportunities for improvement designed to add value and improve the organization’s operations
· Provide accurate, timely, clear, and concise audit results to Management
· Develop action plans with Management that remedy the risks in an acceptable time frame
· Follow-up and report progress on achieving strategic goals defined in the Management Action Plan
· Improve the audit process through innovation
· Keep abreast of new auditing techniques and technologies
· Perform testing of key I&T controls over financial reporting
Working Conditions
The role has standard working conditions in an office environment with a regular workweek from Monday to Friday. Due to the nature of the role, the incumbent must be able to meet tight deadlines, handle pressure, and stress.
Requirements
Experience
Internal Audit
· Between 3 to 5 years of experience in internal audit in a medium to large-sized organization
· Minimum 5 years of experience in Information or Operational Technology Security
o Experience working with the established cybersecurity standards and frameworks
o Experience leading and managing compliance and advisory audit projects
o Experience with data analytics and data visualization tools*
*Any experience for these above would be considered as an asset
Education/Certification/Designation
· Master’s in Business Administration or a Bachelor’s Degree in Computer Sciences, Information Systems, or equivalent
· Possess at least one of the following security certifications: Certified Information System Security Professional (CISSP), Certified Information System Auditor (CISA), Certified Information Security Manager (CISM), or Certified in Risk and Information System Control (CRISC)
Competencies
· Identifies potential safety and security risks
· Collaborates with others and shares information
· Sets direction and inspires others
· Communicates with impact
· Demonstrates agility and drives change
· Knows the business and stays current on industry needs
· Applies critical thinking
· Solves problems to create value
Technical Skills/Knowledge
· Knowledge of auditing procedures and risk assessment
· Excellent knowledge of I&T best practices and frameworks (e.g., Control Objectives for Information Technologies (COBIT) and Information Technology Infrastructure Library (ITIL))
· Knowledge of Committee of Sponsoring Organizations of the Treadway Commission (COSO)
· Knowledge of Sarbanes Oxley (SOX)*
· Fluently bilingual both written and verbal (English, French)*
*Any knowledge for any of the above would be considered as an asset