Senior IT Auditor

Senior IT Auditor

Employment Type Permanent Location Remote, Ontario Apply SHARE THIS JOB Job Description:

Our client is a global provider of enterprise software solutions serving a variety of distinct vertical markets. They acquire, manage and build vertical market software businesses. Generally, these businesses provide mission critical software solutions that address the specific needs of our customer’s vertical markets. Their focus on acquiring businesses with growth potential, managing them well and then building them has allowed them to generate significant cash flow and revenue growth.

The responsibilities of the Senior IT Auditor is as follow but not limited to:

Full scope, end-to-end responsibility in the delivery of IT audit engagements in accordance with the Internal Audit plan with guidance and direction from the VP Internal Audit.

Perform risk assessments and ensure that audit scope covers all significant IT risks.

Provides audit support for the CEO/CFO certification program under NI 52-109.

Leading and executing IT audit engagements independently, in accordance with the Internal Audit plan across subsidiary companies, including scoping and planning, testing as well as reporting and following-up with management.

Translating high priority technology and cyber security risks into actionable audit programs including documenting risks, controls and building test steps.

Execution of selected assignments as part of a broader audit engagement including establishing milestones, completing work assignments, testing and being accountable for results.

Preparing audit reports based on documented working papers that support opinions and recommendations to improve processes, systems and internal controls.

Develops and provides practical “fit for purpose” recommendations to management that address risks and improves the IT control environment.

Shares and collaborates learnings on approaches and findings with other IA team members, for wider sharing of lessons learned and potential company-wide implications of observations.

Review and analysis of key quarterly financial checklists and information from subsidiary operating groups.

Provide consultation services to management on issues related to IT risk assessment, governance, and control systems, as required.

Participate in special investigations related to information technology and system configurations, when required.

Other ad-hoc operational analyses and special projects as directed by the VP Internal Audit. TMGNY Job Requirements:

Systems integration Audit experience required

Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) designation is required.

Minimum of 3 to 5+ years experience including with Big 4. Experience should include conducting IT general controls audits and SOC2 reviews and familiarity in infrastructure management, IT operations, information security and application management.

Solid understanding of processes and controls related to business applications, networking functionality, databases, operating systems, and other infrastructure.

In-depth knowledge in security controls specifically in infrastructure security including SIEM, Log Management, Data Loss Prevention, Endpoint Security, Network and Security Monitoring.

Must possess knowledge of risk assessment as well as good knowledge of various technologies and the ability to analyze and form an opinion on risks and controls relating to systems, IT infrastructure and the areas they support.

Ability to work independently with minimal supervision in remote settings as required.

Experience in building risk-based audit programs, Risk Controls Matrices and controls documentation required.

Willing and able to travel up to 30% of the time within North America and Internationally. Desirable Assets

Experience auditing or supporting implementations of Microsoft Dynamics 365 Finance & Operations (D365 F&O), including review of system configurations, access controls, and automated application controls.

Experience with Oracle ERP environments, including Oracle E-Business Suite and/or NetSuite, with exposure to IT general controls (ITGCs), application controls, and system security configurations.

Experience with Cyber Maturity Assessments, Crown Jewel Assessments and/or PCI Assessments.

Experience with offensive security and penetration testing.

Any combination of the following security certifications: OSCP, CISM, CGEIT, SSCP, CAP, GIAC. MCSE, CCNA, CCNP or CCIE.

Previous experience in any IT related function involving management, application development or acquisition, business continuity, disaster recovery planning, computer operations system analysis, networking, security systems and security administration. Additional Information:

The Mason Group is committed to fostering a diverse, inclusive, and accessible recruitment process. We welcome applicants from all qualified candidates. Accommodations are available upon request for candidates participating in all stages of the recruitment process, in accordance with the Accessibility for Ontarians with Disabilities Act (AODA).

This role is for an immediate vacancy, and we are actively hiring. Apply