IT Auditor

We are currently seeking an IT Auditor to join our team.

The IT Internal Auditor is accountable for executing assigned parts of assurance and consulting engagements or leading lower-risk engagements as per the annual Audit Plan with the primary focus of evaluating and improving the effectiveness of First West Credit Union's IT and cyber risk management, control and governance processes. This role will collaborate directly with stakeholders at First West and provide a high level of professional service in line with the Institute of Internal Auditors' "International Standards for the Professional Practice of Internal Auditing, the Definition of Internal Auditing, and the Code of Ethics" ("IIA Standards").

Here's what would be included as a part of your typical day

1. Audit Delivery: Executes as part of the engagement team to deliver IT and cyber security assurance and consulting engagements. Contributes to the design and delivery of IT and cybersecurity assurance and consulting engagements using an agile, iterative, risk-based approach, or assists internal audit management in doing so. Help develop risk-based audit programs and related procedures for such areas to address the objectives or assists internal audit management in doing so. Completes files within time budgets and target dates, and/or reviews peer staff's files/work to ensure sufficient work was completed and evidence obtained to meet the objectives of the engagement.
2. Reporting and Communication: Investigates audit observations to identify root causes of control deficiencies. Writes concise, risk-focused reports with practical recommendations. Communicates with and engages stakeholders in a diplomatic and tactful manner, in discussions of audit observations, risks and recommendations. Ensures open communication with other members of the Internal Audit department, as well as other employees, members of management, risk, and other organizational partners, in the areas of risk management, governance, regulatory compliance, and internal policies/procedures.
3. Assistance and Advice: Contributes to and assists management and senior members of the Internal Audit department in the execution of the audit plan, and other department priorities and initiatives. Provides advice and recommends process improvements to mitigate risk to First West Management, without compromising independence and objectivity, on risk management, internal control and governance processes.
4. Professional Standards: Ensures adherence to the IIA Standards and maintains a professional standard of conduct. Maintains an understanding of departmental audit quality standards, policies and procedures, industry regulations, and relevant organizational policies and procedures, and imparts that understanding to staff and incorporating it into all assurance, consulting, and value-add activities.
5. Knowledge Management: Stays current with First West's strategic priorities, governance and risk management processes, business operations, and risk environment, as well as changing regulations, and emerging risks to contribute to Internal Audit's ongoing monitoring of First West's technology risk landscape. Keeps abreast of relevant governance, risk management and/or internal control frameworks (e.g., COBIT, NIST, etc.), as well as leading technology, industry or professional practices and trends to identify potential technology risks and apply the knowledge, where applicable, while carrying out audit engagements or other relevant responsibilities.

Required Skills, Experience & Qualifications

• Bachelor's degree in Computer Science, Management Information Systems, Business Administration or equivalent; working towards CISA or CIA preferred.
• 2 years of overall experience in audit, assurance, risk, or other relevant area is required
• Prior experience in data analytics (e.g., ACL) or other CAATs preferred.
• Demonstrated written and verbal communication skills, interpersonal skills, with the ability to interact effectively and build relationships with a range of stakeholders of the organization
• Analytical and problem-solving skills, with the ability to process information, reach appropriate conclusions, and develop practical recommendations to improve the overall effectiveness and efficiency of the organization
• Ability to exercise sound professional judgment
• Applied knowledge of IT and cyber security risks and controls, risk management and risk-based auditing concepts, techniques, practices, standards, and frameworks (e.g., COBIT, NIST, etc.)
• Demonstrated ability to understand and/or analyze the relationship between IT and cyber security risk, and the underlying business risk or objective.
• Basic knowledge of audit software applications, such as TeamMate, and proficiency in MS Office products, especially Word, Excel and PowerPoint
• Solid time management skills; demonstrated ability to juggle priorities and meet deadlines.
• Displays an understanding of risk and risk ownership by being able to demonstrate adherence to policies and procedures.