Internal Audits is seeking an Information Technology (IT) Auditor with strong cybersecurity experience. Internal Audits' primary mission is to provide quality, independent evaluations of designated University activities as a service to Temple University and the Board of Trustees. To this end, the IT Auditor will perform cyber risk assessments and audits throughout the university and is responsible for evaluating information systems and operating procedures and the effectiveness of controls at the network, operating system, database, and application level to ensure accuracy of data and to promote operational efficiency and security. The IT Auditor will play an integral role in assessing and identifying opportunities to strengthen enterprise security. The IT Auditor will perform audits of information technology systems, business processes, security regulatory risk management, general IT controls, operating systems, networks, application controls, pre- and post-implementations of application systems, business continuity/ disaster recovery, and cybersecurity vulnerabilities. The incumbent will also develop, tailor, and perform IT control test procedures, and develop analytics. Performs other related duties as assigned.
Required Education and Experience:
BA/BS in Business Administration, Accounting, Computer Science, MIS or related field; MBA a plus. Must possess at least 3 years of IT auditing or related experience with professional services or external auditing. CISA or CISSP; additional certifications, CISM, CRISC, or Cybersecurity are a plus. Must have a working knowledge of COBIT, ISO, COSO and NIST frameworks. Must also have a working knowledge of Windows, Linus, Oracle, SQL, networks, etc. Demonstrated experience with data analytics and data mining tools. Experience auditing IT business environments, operating systems, general IT controls, application controls, systems development, networks, databases, cyber and mobile security. Strong background in auditing techniques and/or computer control environments. An equivalent combination of education and experience may be considered.
Required Skills and Abilities:
*(ACL, SQL) Ability to analyze data to identify hidden trends or issues.
*Must possess a strong understanding of encryption and end point security.
*Demonstrated knowledge of IT/cyber security threats, risk, and vulnerabilities.
*Demonstrated ability to work effectively with other auditors, personnel from other departments, senior management, and individuals from outside the university setting.
*Banner (ERP) application experience.