Senior IT Auditor
As Aaron’s Senior IT Auditor, you will be responsible for planning, coordinating and executing IT assurance and consulting engagements, integrated assurance engagements and SOX control design and operating effectiveness assessments. This includes completing thorough process reviews to assess key risk areas, develop detailed test of controls and evaluate compliance with applicable regulations. The Senior IT Auditor may also be required to evaluate other aspects of the IT control environment, such as change management, system development and access controls. In this role, the Senior IT Auditor is expected to act as an advisor to management regarding the impact of information technology on business processes, controls and compliance obligations. The incumbent should also understand key legislation or applicable industry guidelines pertaining to information security and privacy and provide guidance to management in regards to compliance and/or best practices.
Duties and Responsibilities: • Participate in and/or oversee the planning, execution and reporting of IT audits, including assurance and consulting engagements • Identify risks and expected IT controls through reviewing and/or preparing process documentation, including process flow diagrams and critical path narratives • Collaborate with other auditors to develop an integrated audit approach for financial, operational and compliance assurance engagements, as appropriate • Develop and execute audit programs to support IT audit engagement objectives by addressing key risks and controls • Test design and operating effectiveness of key application controls and IT general controls for significant IT applications to support management’s SOX assessment • Prepare or detail review working papers in accordance with department standards • Communicate project status, concerns or issues to management in a timely manner and escalate IT audit issues for timely resolution • Develop recommendations to mitigate risks or correct control deficiencies or gaps; provide advice to Company business units regarding best practices and corrective action alternatives based on cost/benefit • Monitor and track results of prior IT audit engagements, identifying themes across the organization to determine if appropriate corrective action has been taken regarding open audit recommendations • Participate in special projects pertaining to IT compliance initiatives, as needed • Perform other duties and responsibilities as assigned
Education and Experience: • B.A. or B.S. degree in MIS, Computer Science, Finance, or Accounting • 3-5 years of experience conducting IT audits or compliance reviews in medium to large corporate environments (public companies preferred) or equivalent Big 4 audit experience • Experience in supporting SOX testing, audits or compliance projects; retail, franchise or other regulated industry experience is preferred • Experience with Information Security, Privacy, IT Audit, Compliance & IT Management Standards: ISO27001/27002, PCI-DSS, SSAE-16 SOC1 & SOC2, SOX, NIST 800-53, COBIT, GAPP, & COSO • One or more of the following professional designations is preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Certified Public Accountant (CPA)
Required Skills and Competencies: • Project management skills • Ability to understand complex information systems, prioritize tasks and meet deadlines with minimal supervision • Proficiency in Word, Excel, Access and PowerPoint • Basic knowledge and understanding of data analytics and related tools (e.g., ACL and IDEA) and languages (e.g., SQL) • Working knowledge of audit management and process flow software (e.g., Workiva, Visio and ACL) • Availability to travel on a limited basis (approximately 10%) • Professional ethics – Adheres to Aaron’s key policies, practices and procedures; applies ethical principles and values to the requirements of the role • Internal audit management – Strives for quality and excellence and encourages others to do the same • International Professional Practices Framework – Maintains current knowledge of the International Professional Practices Framework (IPPF), the authoritative guidance issued by The Institute of Internal Auditors; develops deep understanding of Aaron’s audit methodology, policies and procedures, which are based on the IPPF • Governance, risk and control – Applies a thorough understanding of governance, risk and control appropriate to the organization (including knowledge of general accounting, business processes, internal controls, risk assessment and/or other related general/application controls); maintains a thorough understanding of all aspects of IT audits, including significant experience evaluating the relevance of control test results or deficiencies • Business acumen – Maintains knowledge, insight and understanding of business concepts, tools and processes that are needed for making sound decisions in the context of the company's business; able to apply this knowledge appropriately to diverse situations • Communication – Understands effective communication concepts, tools and techniques; effectively transmits, receives and accurately interprets ideas, information and needs through the application of appropriate communication behaviors; describes or explains complex processes and issues in a concise manner • Persuasion and collaboration – Nurtures and builds effective partnerships with audit engagement clients to achieve results; team player, comfortable working on multiple teams/projects simultaneously and independently, as needed • Critical thinking – Understands the issues related to the decision-making process; able to analyze situations fully and accurately and reach productive decisions • Internal audit delivery – Demonstrates efficiency and persistence, managing own time and ensuring engagement deadlines and objectives are met; follows up with management to ensure that management actions have been effectively implemented or that senior management has accepted the risk of not taking action; understands the necessity and value of accuracy and attention to detail; processes information with high levels of accuracy • Improvement and innovation – Champions change, continuous improvement and innovation and supports others in the pursuit of these
Team members enjoy access to career training and advancement opportunities, and are rewarded with competitive compensation and a comprehensive benefits package, which includes:
- Paid time off including vacation days, sick days and holidays
- Medical, dental & vision insurance
- Maternity and Paternity Leave
- 401(k) plan with company match
- Flexible spending accounts
- Life insurance
- Disability benefits
- Stock Purchase Plan
- Team Member purchase discounts
At Aaron’s we offer sales and lease-to-ownership of specialty items including furniture, consumer electronics, home appliances, and accessories throughout the United States and Canada. Our customers shop at Aaron’s for the same reason you should choose us for the next step in your career – our ability to positively influence people’s lives. If you are looking for a company with the passion and dedication to make a difference in the lives of customers and team members alike, join us today.
Aaron's is committed to creating a diverse and inclusive work environment, celebrates our team members' differences, and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, pregnancy, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, military duty, gender expression, genetic information, or any other protected class. Candidates who require accommodation during the recruitment process should contact firstname.lastname@example.org.
Aaron's is an Equal Opportunity Employer