Job Description
Sompo has a unique opportunity for a Senior IT Auditor to join our Global IT Internal Audit team.
This role will work with our US Senior IT Audit Manager. The successful candidate will perform and oversee IT Internal Audits and IT SOX work across North America, the UK and European business lines (part of Sompo International), with opportunities to perform and oversee IT Internal Audits and IT SOX work across South America and the Asia region.
The successful candidate will be required to proactively perform and oversee IT Internal audits of IT Governance, IT General Controls, Cybersecurity, and IT Infrastructure, in line with standard third line Institute of Internal Auditors (IIA) audit methodology.
Location: This position will be based out of our Purchase, NY office. We strive for collaboration which is why we offer a work environment where our employees thrive and develop long lasting careers.
Our business, your impact, our opportunity:
What you’ll be doing:
Performing a variety of third-line IT Internal Audits, completing audit fieldwork testing to assess the design and operating effectiveness of IT processes and related controls, within agreed timelines (with a strong delivery focus).
Standard Internal Audit methodology will be followed, populating audit work performed within Team Mate (our Internal Audit system).
Clear IT Audit reports will be drafted containing IT Audit Issues with agreed management action plans.
Open IT Audit issues will be proactively tracked through to remediation / closure.
Performing rolling IT SOX (Sarbanes-Oxley Act) testing of the design and operating effectiveness of IT Entity Level Controls (IT ELCs), IT General Controls (ITGCs) and IT Application Controls (ITACs) across key financial applications and supporting tools, within agreed timelines (with a strong delivery focus).
Standard Financial Controls / ICoFR (Internal Control over Financial Reporting) methodology will be followed, populating SOX control design and operation within Team Mate (our Internal Audit system).
Clear IT control deficiencies will be drafted with agreed management action plans.
Open IT deficiencies will be proactively tracked through to remediation / closure.
Collaboration with IT External Audit teams (including EY and Mazars) across Sompo International entities.
While the role will focus on North America and Europe (including UK) IT Internal Audits and IT SOX work, this role will also assist with IT Internal Audits and IT SOX work across other regions globally, where required.
What you’ll bring:
Bachelor’s degree in Computer Science, Accounting, Finance, Economics, or related IT Audit subject – required.
Numerous years of relevant IT Audit experience from a “Big 4” professional services firm (Deloitte, PwC, KPMG, EY, or similar, such as BDO, Grant Thornton, Forvis Mazars, etc.) – required.
Certified Information Systems Auditor Certification (CISA) from the Information Systems Audit and Control Association (ISACA) – required.
Base knowledge, skills, and experience in the principles and practices of technology, IT industry trends, IT Governance controls, IT General Controls (including IT Service Management), Cybersecurity controls (including network security), and IT infrastructure controls (including Cloud).
Experience in standard Institute of Internal Auditors (IIA) audit methodology (audit planning, fieldwork, and reporting), with an attention to quality to meet methodology requirements with minimal review.
Other relevant professional certifications are beneficial, such as the Certified Information Systems Security Professional Certification (CISSP) and/or Certified Internal Auditor Certification (CIA).
Working knowledge of IT industry frameworks (including COBIT, NIST, ITIL) and IT Industry standards (such as ISO 27001, the Information Security Standard, and ISO 27017, the Cloud Security Standard, etc.).
An understanding of the base requirements of key IT regulations such as the expected IT control requirements of the:
Sarbanes-Oxley Act of 2002 (SOX).
Japan Sarbanes-Oxley Act of 2006 (J-SOX).
New York State Department of Financial Services (NY DFS) Part 500 Cybersecurity Regulation.
EU’s General Data Protection Regulation (GDPR) on data privacy.
EU’s Digital Operational Resilience Act (DORA) on cyber resilience, etc.
Experience with Team Mate (or similar audit systems) a plus.
Salary Range: $115,000 – $140,000
Actual compensation for this role will depend on several factors including the cost of living associated with your work location, your qualifications, skills, competencies, and relevant experience.
At Sompo, we recognize that the talent, skills, and commitment of our employees drive our success. This is why we offer competitive, high-quality compensation and benefit programs to eligible employees.
Our compensation program is built on a foundation that promotes a pay-for-performance culture, resulting in higher incentive awards, on average, when the Company does well and lower incentive awards when the Company underperforms. The total compensation opportunity for all regular, full-time employees is a combination of base salary and incentives that gets adjusted upfront based on overall Company performance with final awards based on individual performance.
We continuously evaluate and update our benefit programs to ensure that our plans remain competitive and meet the needs of our employees and their dependents. Below is a summary of our current comprehensive U.S. benefit programs:
Two medical plans to choose from, including a Traditional PPO & a Consumer Driven Health Plan with a Health Savings account providing a competitive employer contribution
Pharmacy benefits with mail order options
Dental benefits including orthodontia benefits for adults and children
Vision benefits
Health Care & Dependent Care Flexible Spending Accounts
Company-paid Life & AD&D benefits, including the option to purchase Supplemental life coverage for employee, spouse & children
Company-paid Disability benefits with very competitive salary continuation payments
401(k) Retirement Savings Plan with competitive employer contributions
Competitive paid-time-off programs, including company-paid holidays
Competitive Parental Leave Benefits & Adoption Assistance program
Employee Assistance Program
Tax-Free Commuter Benefit
Tuition Reimbursement & Professional Qualification benefits
In today’s world, what do we stand for?
Ethics and integrity are the foundation of delivering on our commitment to you. We believe that core values drive success, and that when relationships are held in the highest regard, there is nothing that cannot be accomplished. At Sompo, our ring is more than a logo, it is a symbol of our promise.
Sompo is an equal opportunity employer and we intentionally value inclusion and diversity. Above all, we want you to work in an environment that respects everyone’s unique contributions – we are passionately committed to equal opportunities. We do not discriminate based on race, color, religion, sex orientation, national origin, or age.