Sr IT Auditor

Zenith is a team of Worker’s Compensation Specialists committed to helping businesses succeed by protecting against financial consequences of workplace injuries, providing for the needs of injured employees and making the workplace safer. Through placing values such as collaboration, work-life balance, and integrity at the center of what we do, Zenith transparently continues to exceed its’ limits and distinguishes itself as the desired provider of Workers’ Compensation Insurance. In addition, Zenith supports career advancement through a dedication to ongoing learning and development. An individual coming to Zenith will not only receive competitive compensation and a comprehensive benefits package, but continuous opportunities to grow as a professional.

Job Requirements:

Under the general direction of the Internal Audit Leadership, this individual works as part of the Internal Audit team to plan, develop, schedule, direct, and perform Information Technology (IT) audit activities for Zenith Insurance Company. Responsibilities include: preparation of IT-related risk assessment for specific audit projects, leading and conducting IT audits to address results from the risk assessments in compliance with Department and professional standards, maintaining a high skill level to comprehend technological changes and determine impacts to risks and related internal controls, the performance of managerial duties involving the IT Audit staff and other members of the Internal Audit Department on an audit project basis as well as developing an in-depth knowledge of Zenith’s core business processes to ensure key risks are appropriately controlled and managed.

The essential functions of this position include, but are not limited to, the following:

Lead, direct, and perform comprehensive information technology audit activities of key business applications for Zenith Insurance Company including:
- Clearly understand the functionality of the business application and the key application controls
- Conduct risk assessments of key IT-related processes and information assets
- Prepare audit plans
- Perform independent evaluation and audit/testing of internal controls while analyzing, documenting and determining the overall adequacy of internal controls based on the results of the risk assessments
- Evaluate the consistency of procedures and their applicability across various financial application systems, hardware platforms, databases and operating systems
- Identify internal control weaknesses and make recommendations for improvements, and monitor remediation plans
- Assess opportunities to improve processes and identify opportunities for increased efficiency
- Create and write audit reports summarizing the results of the audits for the Audit Committee of the Board of Directors,
- Support the communication of audit issues and final results to the customer verbally and in written format
- Coordinate with process owners to remedy identified exceptions and deficiencies through to remediation
Interact with external auditors to facilitate the test of internal controls over IT processes supporting financial reporting.
Create and update the existing documentation for changes in processes and prepare new or updated controls documentation, flowcharts and policies and procedures.
Provide technological guidance and support to the Internal Audit Department. Implement generally accepted standards for IT control and security practices such as COBIT (Control Objectives for Information and Related Technology) and SANS (System Administration, Networking, and Security) Institute within the IT audit work.
On a project by project basis, perform lead duties including review of test results, work papers and reports for IT Audit and review of work performed by business partners and other auditors.
Participate as an active member of IT project implementation teams identifying areas of implementation risk and business risk as well as identifying potential options for addressing the identified risks.
Utilize database queries as an audit tool for data mining in the Internal Audit Department.
Perform related duties and special projects as assigned.
Act as a strong team member.

Education, Skills, and Requirements

A minimum of 4 to 6 years of Information Technology auditing experience is required with a demonstration of increasing responsibilities.
Bachelor degree in accounting, business, information technology, computer science, or similar discipline is required. Master degree in a similar discipline is preferred.
CISA or pursuing a CISA certification is required.
CISSP, CISM, CGEIT, CRISC, CIA or CPA is a plus.
Work experience with COBIT (Control Objectives for Information and Related Technology) is required.
Knowledge and experience in reviewing audit test plans, developing documentation and conducting testing of Sarbanes-Oxley 404 compliance required.
Excellent organizational skills including ability to work under pressure and deal with multiple tasks.
Proficient in use of Microsoft Excel, Word, Visio, and other database software.
Ability to lead other auditors assigned to perform specific technical audit work.
Computer programming or report writer skills are preferred.
Auditing experience with client server (Windows, Linux), communication protocols (TCP/IP), database (Oracle) environments is preferred.
Auditing experience with business application systems is required. Working experience with Oracle Financials (OAP) application system and Oracle databases is preferred.
Auditing experience with Business Recovery Plans and contingency planning is preferred.
Working knowledge with encryption, firewalls, and network security features is preferred.
Working knowledge with web technology, web-enabled applications, and cloud technology is preferred.
Knowledge and experience with business and information technology in the insurance industry is a plus.
Strong management, analytical, communication, and interpersonal skills.
Detail oriented and deadline driven in order to complete tasks and meet required deadlines.
Ability to perform multiple projects simultaneously.
Knowledge of technology auditing control disciplines including but not limited to IT governance, application development, information security, and disaster recovery.
Strong written and verbal communication skills; ability to present analysis and conclusions with clarity and professionalism.
Exposure to Agile and DevOps development methods is preferred.
Information Technology Infrastructure Library knowledge is a plus.

*Qualifications may warrant placement in a different job level*

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status. If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access our career center as a result of your disability. To request an accommodation, contact a Human Resources Representative at Zenith Insurance Company.

Related Post

Allied Universal: Event Security-Concerts-ConventionsAllied Universal: Event Security-Concerts-Conventions

Northrop Grumman: Sr Principal Engr Sw QualityNorthrop Grumman: Sr Principal Engr Sw Quality

AVP – Underwriting, Chubb Global CasualtyAVP – Underwriting, Chubb Global Casualty