Senior IT Auditor

Date: Nov 14, 2021

Location: San Juan, PR

General Description

Lead the execution and completion of high-quality IT audit projects in accordance with the annual audit plan and under the direction of the Internal Audit management team. Assess business processes, risks, and internal controls to provide an independent evaluation of the Corporation’s IT internal control environment and provide recommendations to improve business processes and controls, and contribution towards greater business efficiency. Live the principles of Popular's Code of Ethics, Corporate Policies and Guidelines and the Rules of Conduct, among others.

 

Conducts audits of systems, applications, and general technology related processes to validate whether appropriate controls are in place that promote the safeguard of assets, accuracy of data, operational efficiency, and compliance with applicable regulations.

Essential Duties and Responsibilities

Lead projects and assignments by following internal quality standards and audit methodology and in coordination with the division’s internal audit teams, including operational, compliance function, and SOX teams. Establish audit objectives and devise the audit plan and program in line with current audit scope, strategy, and budget. Examine department activities to evaluate IT risks exposures regarding the reliability and integrity of financial and operational information, effectiveness, and efficiency of operations, safeguarding of assets, and compliance with policies, procedures, and related laws and regulations. Foster compliance with pre-established projects’ timelines and timely communication of progress and any concern with deadlines to management. Supervise, review, coach, and evaluate staff auditors’ work to improve their capabilities and effectiveness in applying audit techniques while encouraging their professional development. Identify and elevate issues and processes enhancements, proposing solutions and root cause and effectively communicating them to team members, supervisors, and auditees. Play an active role in discussions and meetings and influence others through constructive input while creating an exceptional experience with auditees by understanding their expectations and seeking their feedback. Actively participate in the achievement of the Internal Audit’s strategic plan and in other special projects.

 

Under the direction of the Audit Supervisor or Manager, the IT Senior Auditor will lead technology audits across Popular. Performs interviews and walkthroughs in a professional manner to gain understanding of the process around systems or applications in the audit scope.  Analyzes data gathered to evaluate the design effectiveness of controls established by Management and develops program to test operating effectiveness as applicable.  Through various data querying, programing, and scripting techniques, plans, writes, and tests repeatable programs required to obtain information needed or to detect exceptions as required. In coordination with Audit Supervisor and Manager, prepares, discuss, and submit audit findings and recommendations and helps prepare audit report.

Minimum Education

Bachelor's Degree in Computer Science or Information Systems

Experience

Minimum (5) years of experience in IT internal or external auditing function or equivalent experience in an IT control function.

Certifications / Licenses

Certified Information Systems Auditor (CISA)

ISACA Certificate: Certificate in Cloud Auditing (CCAK) and / or Certificate in Cybersecurity Audit highly desirable.

Certified Information Systems Security Professional (CISSP)

Certified Internal Auditor (CIA)

CPA

Knowledge, Skills and Abilities (KSA's)

  • Outstanding interpersonal and communications skills (verbal / written); ability to communicate effectively with technical and non-technical audiences, in both English and Spanish.

  • Audit planning, execution, and reporting experience a must.

  • Comprehensive understanding of internal control within the IT environment.

  • Understanding of information security standards, best practices for securing computer systems, and applicable laws and regulations.

  • Experience with multiple technology domains including IT general controls applicable to Microsoft Windows / Office 365, web and/or database management, software development, networking, and automation.

  • Working knowledge of Office 365 collaboration tools: Teams, Word, Excel, PowerPoint, SharePoint, and Power Tools.

  • Excellent people skills to develop and maintain good relationships with auditees, anticipate their needs, present alternatives, and provide follow-up to the agreements reached.

  • Excellent organizational skills to work with multiple duties and comply with established deadlines.

  • Excellent leadership and teamwork skills.

  • Results-driven and proactive.

  • Knowledge of internal auditing, internal controls, risk management, and finance and accounting practices and methods.

  • Working knowledge of relational databases and SQL, ACL or Arbutus, and Database Querying (SQL).

  • Knowledge of FFIEC CAT framework or similar framework. (NIST, CIS, COBIT).

  • Knowledge of AWS, Azure, and Cloud Environnments in general.

  • Experience with visualization tools such as Excel, PowerBI, Tableau, etc.

  • Experience on Agile methodologies and general software development lifecycle process.

  • Ability to learn new skill sets and adapt to work in different roles.

  • Available to travel as needed.

Competencies

Accountability
Analytical Discipline
Business Excellence
Change Agent
Character
Collaboration & Teamwork
Customer Centric
Self Development

Additional Information

The information provided here is only a general guide as to the nature of the position and does not constitute an exact description of the goals, tasks, duties and responsibilities of the position. The specific details of each position are described in the employee’s performance evaluation.