Address
Form of workJob Description
Why you'll love this job
The IT Audit Governance team is responsible for monitoring the effectiveness of American s cybersecurity, technology, and operational controls, and ensuring regulatory compliance. This position has exposure across the company and exposes team members to a wide set of IT general security controls (i.e. access management, disaster recovery, change management, logical security) and remediation activities including developing and coordinating meaningful process improvement strategies.
What You'll Do
Facilitate user access reviews for a variety of systems including on-prem servers (Windows & Linux), databases, applications, cloud resources, etc. manually or using automated access review tools
Familiarity or willingness to learn IGA tools such as SailPoint IdentityNow, Sonrai Security
Prepare and scope reviews, while meeting with stakeholders to develop an understanding of the business and technology and identifying the key risks and controls to be assessed
Participate in walkthroughs and other meetings with process and control owners to ensure SOX testing plans are properly created to address financial reporting risks identified by management
Facilitate and track audit remediation activities with stakeholders to completion
Effectively communicate with executive management and Audit Committee to provide progress updates and ensure potential problems are disclosed appropriately
Work with internal auditors and regulatory examiners to collect and prepare requested documents and consulting with stakeholders on remediation efforts
Perform special projects related to cybersecurity as assigned by management.
Assess the effectiveness of controls to mitigate identified risks and offer solutions for process improvements related to audit remediation efforts
Analyze material risks as they relate to AA s priorities and overall strategy by monitoring internal and external factors and applying key business initiatives
All you'll need for success
Minimum Qualifications- Education & Prior Job Experience
Bachelor s degree in information technology or other related field experience
Experience in audit roles or a related control function - relevant certification or industry accreditation (e.g., CPA, CFA, CIA) encouraged
Working knowledge of ITSM/ITAM, regulatory compliance (SOX, PCI DSS, GDPR/PII and HIPAA) and cybersecurity principles
Strong proficiency in basic PC applications (Excel, Word, PowerPoint) with a general understanding of simple data analysis techniques like VLOOKUP, Pivot Tables etc.
Excellent critical thinking and problem-solving skills with the ability to learn both AA and industry standards (NIST 800-171, NIST 800-871)
Strong written and oral communication skills, PC skills, team building skills and the ability to work independently
The IT Audit Governance team is responsible for monitoring the effectiveness of American s cybersecurity, technology, and operational controls, and ensuring regulatory compliance. This position has exposure across the company and exposes team members to a wide set of IT general security controls (i.e. access management, disaster recovery, change management, logical security) and remediation activities including developing and coordinating meaningful process improvement strategies.
What You'll Do
Facilitate user access reviews for a variety of systems including on-prem servers (Windows & Linux), databases, applications, cloud resources, etc. manually or using automated access review tools
Familiarity or willingness to learn IGA tools such as SailPoint IdentityNow, Sonrai Security
Prepare and scope reviews, while meeting with stakeholders to develop an understanding of the business and technology and identifying the key risks and controls to be assessed
Participate in walkthroughs and other meetings with process and control owners to ensure SOX testing plans are properly created to address financial reporting risks identified by management
Facilitate and track audit remediation activities with stakeholders to completion
Effectively communicate with executive management and Audit Committee to provide progress updates and ensure potential problems are disclosed appropriately
Work with internal auditors and regulatory examiners to collect and prepare requested documents and consulting with stakeholders on remediation efforts
Perform special projects related to cybersecurity as assigned by management.
Assess the effectiveness of controls to mitigate identified risks and offer solutions for process improvements related to audit remediation efforts
Analyze material risks as they relate to AA s priorities and overall strategy by monitoring internal and external factors and applying key business initiatives
All you'll need for success
Minimum Qualifications- Education & Prior Job Experience
Bachelor s degree in information technology or other related field experience
Experience in audit roles or a related control function - relevant certification or industry accreditation (e.g., CPA, CFA, CIA) encouraged
Working knowledge of ITSM/ITAM, regulatory compliance (SOX, PCI DSS, GDPR/PII and HIPAA) and cybersecurity principles
Strong proficiency in basic PC applications (Excel, Word, PowerPoint) with a general understanding of simple data analysis techniques like VLOOKUP, Pivot Tables etc.
Excellent critical thinking and problem-solving skills with the ability to learn both AA and industry standards (NIST 800-171, NIST 800-871)
Strong written and oral communication skills, PC skills, team building skills and the ability to work independently
