Job Description:

Leads and enhances the institution's IT audit functions, including cybersecurity, system integrity, and data privacy. Responsible for developing and implementing comprehensive IT audit strategies, policies, and procedures to ensure the institution's IT assets are effectively safeguarded and comply with applicable laws and regulations. Working closely with senior management and various department heads, and subject matter experts from various areas of IT this position will identify potential IT risks and vulnerabilities, recommend mitigation strategies, and provide critical insights to support the institution's strategic objectives. This position will also be responsible for enhancing audits using technology and computer aided auditing tools. By leveraging their expertise in IT audit and information systems, the Information Technology Auditor will play a key role in strengthening the institution's IT governance framework, improving operational effectiveness, and fostering a culture of continuous improvement and compliance. Through their efforts and collaboration, they will enable the institution to achieve higher levels of assurance, control, and efficiency in its use of technology, supporting data-driven decision-making and enhancing overall institutional resilience.

Formulates comprehensive IT audit strategies, policies, and procedures that address the institution's specific needs and regulatory landscape, ensuring effective safeguarding of university IT assets and data.

Responsible for performing and overseeing the planning, execution, and management of IT audit projects, focusing on cybersecurity, system integrity, and data privacy to ensure alignment with federal, state, regulatory and institutional goals and compliance requirements.

Serves as the liaison with IT for IT external auditors and/or co-sourced audit consultants such as IT subject matter experts (SMEs).

Conducts thorough risk assessments to identify IT vulnerabilities and threats. Develop and recommend areas to manage identified risks and enhance the institution's security posture/compliance.

Integrates and utilizes advanced technology and computer-aided auditing tools to increase the efficiency and effectiveness of audit processes. Explores and implements new technologies that can support auditing activities.

Acts as a trusted partner to senior management and various department heads to provide expert advice on IT risks, security controls, and compliance issues. Offer actionable insights to support the institution's strategic planning, decision-making processes and compliance goals.

Prepares and presents detailed audit reports that clearly communicate audit findings, implications, and recommendations to stakeholders, while ensuring they are placed in the appropriate context. Ensures timely follow-up on audit recommendations to monitor implementation and impact.

Enhances the institution's IT governance framework by ensuring that IT audit activities are aligned with overall governance structures and compliance requirements. Advocates for best practices in IT governance, risk management, and control.

Evaluates and recommends improvements to operational processes through the strategic application of IT audit findings. Foster a culture of continuous improvement and operational excellence across the institution.

Keeps abreast of the latest trends and developments in IT audit, cybersecurity, and regulatory compliance. Participates in professional development opportunities and share knowledge with the audit team and broader institution. Engages with internal and external stakeholders to build trust and collaboration. Participate in committees and working groups related to IT governance, risk management, and audit to represent the audit department's interests and perspectives. Performs other job-related duties as required.
EEO/AA
Bachelors and 3 years experience

Education: Requires a thorough understanding of both theoretical and practical aspects of an analytical, technical or professional discipline; or the basic knowledge of more than one professional discipline. Knowledge of the discipline is normally obtained through a formal, directly job-related 4 year degree from a college or university or an equivalent in-depth specialized training program that is directly related to the type of work being performed.Experience: Requires a minimum of three (3) years of directly job-related experience. Preferred: Experience in a distributed higher education environment.Certification/Licensing: Requires licensing, certification or registration directly related to the job, as specified on the job posting details. Preferred Certifications: ISACA Certified Information Systems Auditor (CISA), or ISO Auditor certification or equivalent formal audit certification.

Apply Now