|Job Title||Auditor II #NGGJP00002490
|Requirements||Previous background with a big 4 firm preferred
3-5 Years of IS Audit Experience
3-5 Years of IS SOX Controls testing
CISA – Strongly Preferred
CRISC – Desired
CISM – Desired
Archer GRC (Desired)
Understanding of assessing third part service providers and associated risks
Understanding of SSAE 16, ISAE 3402, SOC 1, SOC 2 and AUP reports and principles
Understanding of SAP systems and controls, including basis and technical components
Knowledge of control frameworks (COSO, CobIT, ISO, UCF, NIST)
Understanding of Utility regulations (Gas and Electric)
Ability to demonstrate management of Internal and External audit organizations
Digital Security , Risk & Compliance Team, Internal Audit
Wider Global IS Teams e.g. Service Delivery, Relationship Management, Procurement, Legal, Business Controls team responsible for SOX
Service Providers, including partner eco-system
|Description||Compliance Analyst A full time role with the main function of Digital Risk and Security within the IS Compliance area:
Complete compliance assessments and identify control deficiencies to ensure compliance with regulations.
Conduct reviews of internal controls, policies and procedures.
Recommend improvements in internal control structure.
Identify control deficiencies, and CyberSecurity vulnerabilities.
Conduct independent assessments of third parties.
Conduct assessments to identify vulnerabilities, including Data Privacy, PCI, SOX, and other international, federal and state regulations.