Sr. Internal Auditor, Michigan

Sr. IT Internal Auditor - SOX, GAAP, PCAOB and CISA, CIA, CISSP or CPA strongly preferred

Ann Arbor, MI - Hybrid On-Site (3-4 days/week)

SUMMARY

The Senior Internal Auditor is responsible for performing risk-based Information Technology audits including evaluating risks (external & internal threats, platform & application vulnerabilities, data protection, etc.), testing controls designed to mitigate risk, communicating issues and findings to management, consulting to identify business or technology improvements, and following-up on corrective actions.

RESPONSIBILITIES AND DUTIES

Execute risk-based compliance audits.

Perform SOX IT audit work over Information Technology General Controls (ITGCs), application controls, and key reports.

Prepare well-documented and organized workpapers that facilitate the reviewer's understanding of source of data, program steps and rationale for testing, results and effectiveness of controls.

Communicate audit findings and SOX deficiencies to management.

Develop and assist in the implementation of recommendations to improve internal controls and operating processes.

Utilize and understand IT frameworks (e.g. CIS Controls Framework, COBIT, ISO 27000, GAPP, SANS, NIST) in the performance of audit work.

Execute risk-based operational audits.

Perform IT and operational audits as outlined in the approved annual Internal Audit plan that include the following:

Conducting audits / special assignments that review IT systems and IT processes/procedures to ensure the company is effectively utilizing and controlling its IT environment.

Auditing the activities of various departments for compliance with plans, policies, and procedures prescribed by management and/or external agencies.

Collaborate with operational audit team members to perform integrated business processes and technology audits.

Communicate audit issues and related recommendations to management. Draft audit reports that provide an accurate assessment of the audit area and recommend feasible solutions to problems identified.

Perform other Internal Audit duties as necessary.

Maintain up-to-date knowledge of SOX compliance guidelines and interpretations.

Acts as a liaison with the external auditors and supports their initiatives (e.g., year-end fieldwork).

Attend training and keep current on continuing professional education requirements.

Work to implement methods and systems that increase the effectiveness of the Internal Audit function (e.g. data analytics).

MINIMUM QUALIFICATIONS

Bachelor's degree in accounting, Finance, Information Systems, or Computer Science.

3+ years of corporate experience; internal auditing or public accounting experience strongly preferred.

CISA, CIA, CISSP, or CPA certification strongly preferred.

Limited travel required (0-10%).

Understanding of IT internal auditing, GAAP, PCAOB standards, SOX compliance, CIS Controls Framework, PCI DSS, SSAE-16, and the COBIT & COSO frameworks.

Excellent communication skills, both oral and written; able to express complex ideas in simple terms; strong analytical and quantitative skills; ability to rapidly assimilate knowledge of processes and systems.

Proficiency in ACL software preferred.

Experience auditing PeopleSoft Financials and SAP preferred.

#LI-KF1