Current Open Positions

Technical (Information Technology) Audit Specialist

Description:

This role can have a Hybrid or Remote work arrangement.  Candidates who live in the Greater Hartford, CT area will have the expectation of working in an office 3 days a week (Tuesday through Thursday).   Candidates who do not live near an office will have a remote work arrangement, with the expectation of coming into an office as business needs arise.

WHAT ARE THE RESPONSIBILITIES OF THE POSITION?
This position offers the opportunity to analyze end to end IT & Security service operations and the complex tools and applications that enable them, while keeping your knowledge paced with emerging technology and industry trends in cyber security. In addition, you will review and analyze IT governance processes, as well as develop and perform continuous auditing techniques leveraging data analytics to provide ongoing coverage for the Audit Committee of the Board of Directors and Senior Management. The role provides the unique opportunity to assess and help improve the control environment, upskill and coach less technical auditors on the team, with a focus on delivering risk-based assurance and advisory audit services. As a Technical Audit Specialist, you would receive:
• Diverse assignments in key IT service, technology, and security areas
• Progressively challenging assignments in high and emerging risk areas such as cyber, public cloud, DevSecOps, acquisitions, etc.
• Opportunities to leverage data analytics and AI technologies throughout the audit process
• Approximately 40 hours of continuing professional education each year, including training in technology, auditing and personal development skills

Responsibilities:

1. • Demonstrate the ability as a self-starter by working independently by applying the departments audit methodology in a team environment to maximize performance.
2. • Effectively interface with 1st and 2nd lines of defense, including various levels of management, and have a working knowledge of effective governance processes for critical IT areas.
3. • Furthers technical knowledge and demonstrates a strong understanding when completing assigned work related to emerging technology risks for existing and new technology implementation efforts.
4. • Participate on key phases of the audit from planning to reporting, including understanding the technologies under review, how IT enables business operations, scoping the audit, identifying risks and controls, designing and executing testing with minimal oversight, and assisting with audit report writing.
5. • Examine key operational and information technology/security processes, leverage critical thinking skill to identify risks and ensure appropriate controls have been designed, and develop corresponding test procedures.
6. • Identify value-add improvement opportunities and control enhancements, effectively communicate audit issues and valuable recommendations in both technical and non-technical terms to Operational and IT management.
7. • Demonstrates increased technical understanding of data analysis concepts and practices, includes writing/QA’ing scripts, leveraging AI to assist as needed to source data.
8. • Possesses an innovative mindset and contributes to process improvement initiatives, including establishment of continuous monitoring models across key IT controls and performance metric reporting.
9. • Produce high quality work papers, clearly and comprehensively documenting understanding of control procedures and results of work performed.
10. • Take an active role in facilitating the training and development of less experienced team members and be able to demonstrate leadership through engagement and personal development.
11. • Working knowledge of industry cyber frameworks/guidance (e.g., NIST CSF, CIS Critical Security Controls, etc.) as well as cyber regulations (e.g., NY DFS, etc.) and an ability to assess against them.

Requirements:

1. • 7 + years of experience in IT/Security audit; similar duration as an IT or Security professional is also acceptable (focus on cloud technology preferred).
2. • Deep knowledge of risk assessment, risk and control self-assessments process enhancements, audit methodology, and audit execution.
3. • Desired candidate will have excellent written and verbal communication skills, and a history of demonstrated courage, conflict management, customer focus, dealing with ambiguity, interpersonal savvy, organizational agility, perseverance, and problem solving.
4. • Strong critical thinking and analytical skillsets.
5. • Effective project management leadership experience in risk or audit functions.
6. • Demonstrated ability to evaluate internal controls, effectively execute large portions of an audit independently, analyze and solve complex problems, conduct research, and express ideas clearly, concisely and persuasively both verbally and in writing.
7. • Able to coach and grow less technical team members on the critical technologies being audited.
8. • Preference for professional certification (e.g., CISA, CISSP, AWS certifications).

Salary:

$115,000 - $135,000 + 14% target bonus (can be paid up to 200%)

Location:

Hybrid - Greater Hartford, CT OR REMOTE