Full Time, Employee

Harrisburg, PA

Senior Information Technology Auditor

The individual in this role is responsible for leading and conducting complex independent and objective audits with respect to the Information Technology division, department, and/or activity. This individual is responsible for planning, organizing, and execution of information system reviews. These audits include identifying risks and tests controls associated with information systems integrity and operational effectiveness, compliance with rules and regulations, and system and data integrity. These audits also include reviewing and reporting on the effectiveness of management systems and controls, evaluating the integrity and reliability of information used by management in decision making, and developing and reporting recommendations for operational improvements and correction of control or procedural deficiencies based on findings and conclusions. This position is also responsible for developing audit programs and procedures.



Information Technology Audits (75%)

 Lead complex IT and integrated audits by evaluating applications, system operations, and supporting infrastructure including scheduling, processing, input/output systems flow, controls and edits, data storage, and security procedures to ensure that systems integrity exists.

 Lead and conduct reviews of processes, policies, procedures, security, and configuration controls of existing systems as well as proposed controls of new systems.

 Conduct a thorough analysis as problem areas are discovered.

 Participate in risk assessment and planning discussions to define audit objectives, scope, and develop audit programs based on the defined objectives.

 Attend meetings with internal auditor staff and/or conduct interviews with management and staff of the assigned audit area, as necessary, to gain an understanding of the respective processes and the controls governing the assigned audit area.

 Design, write, test, implement, and document Computer Assisted Audit Techniques (CAATs) programs for audit utilizing Microsoft Access, ACL, or other software packages.

 Review documentation for all stages of the audit, ensuring complete and accurate audit results as well as compliance with department standards.

 Analyze findings and test results and arrive at sound fact-based conclusions and appropriate recommendations for problem areas noted.

 Identify risks, controls and gaps within a process or systems.

 Draw conclusions and provide recommendations in a clear, concise and constructive manner, both orally and in writing.  Communicate with departmental representatives and client management regarding status of audits/projects.

 Conduct follow-up work, as necessary, to evaluate corrective action taken by management to resolve previous IT audit observations and ensure corporate compliance with policies, laws, and regulations.

 Research and apply industry best practices while challenging an organization or status quo.

 Ensure the effective accomplishment of audits according to the audit plan. Project Management and Communication (15%)

 Prepare workpapers, schedules, and summaries documenting audit evidence, conclusions, and findings reached.

 Mentor less senior internal auditors. This may include assigning work, reviewing work for adherence to standards, provide coaching guidance, and provide solutions to problems arising during audits/projects.

 Develop audit programs and audit procedures, as needed.

 Manage assigned project tasks and areas of responsibility to project team members from basic to complex.

 Monitors quality, rate of progress and communicates through status reports.

 Manage highly complex audits.

 Partner with team members and across all divisions to provide guidance to manage audits through to completion.

 Scopes, plans, and prioritizes multiple projects.


 Provide coaching that fosters development and technical growth through assignment, mentoring, or training.

 Keep up-to-date and increase knowledge in the areas of auditing, information technology, business, organization initiatives, and maintain professional certifications.

 Attend training programs and professional association meetings as considered appropriate for the benefit of self and department.  Keep track of and accurately report time spent by self on a daily basis.

 Other duties as assigned.


inimum Qualifications: Bachelor’s degree in information systems, computer science, or related field and two to four years of experience, preferably including two years in public accounting firm.

Professional license (CPA, CISA, CIA, CITP) required and any combination of knowledge, experience, and training.

 Experience in performing Windows, UNIX, network, web, database and technical audits.

 Demonstrated ability to quickly understand and assimilate business and IT processes.

 Demonstrated knowledge of National Institute of Standards and Technology (NIST) and Federal Information Security Management (FISMA).

 Demonstrated experience including but not limited to auditing Microsoft Windows, UNIX, Oracle database, SQL database, PeopleSoft, RACF.

 Excellent analytical, decision making and time management skills.

 Mature planning, organizing and directing skills.

 Knowledge of the concepts, theories, principles, and practices of auditing, including internal control concepts.

 Advanced ability to review, analyze, validate, and reconcile financial/accounting information.

 Ability to collaborate and influence change at the highest levels of the organization.

 Demonstrated advanced written and verbal communication and organizational skills.

 Possesses advanced problem solving and analytical skills.

 Ability to develop and maintain effective working relationships with individuals at all levels of the organization.

 Ability to balance multiple projects at one time.

 Proven ability to meet established milestone due dates, self-imposed or otherwise.

 Proficient in Microsoft Office suite.


 Perform work required for this position in an office environment.

 Infrequent travel.

 Prolonged, extensive, or considerable sitting.

 Ability to read information and work via computer screen for long period of time.

 Ability to maneuver throughout the facilities.

 Ability to lift a maximum of 10 lbs.

 Must be able to use a personal computer.

 Must be able to conduct detailed research.

 Must be able to perform basic math skills.

 Must be able to have regular and predictable on-site attendance; highly interactive role.


 Excellent analytical, critical thinking and organizational skills.

 Excellent written and verbal communication skills.

 Ability to work effectively in groups.

 Ability to concentrate for extended periods of time.

 Ability to withstand moderate amounts of stress.

 Ability to maintain a professional attitude and appearance.

 Ability to work independently with moderate supervision.