|Return to Postings|
Evaluate high risk areas of the BCBSNC information technology environment to ensure that an adequate control environment has been implemented. Responsibilities will include the complete audit process, including risk assessment, planning, process walkthroughs, fieldwork, issues resolution, reporting, and follow-up on corrective action plans.
• Perform risk based audits of information technology at BCBSNC, including applications, bots, cyber security, databases, operating systems, physical security, telecommunications, disaster recovery, vendor management, and cloud.
• Evaluate the high risk areas to determine the adequacy of controls and, where appropriate, compare to industry best practices and control frameworks such as Committee of the Sponsoring Organizations of the Treadway’s Commission (COSO) and Control Objective for Information and related Technology (COBIT).
• Assess compliance with BCBSNC policies, standards, and procedures.
• Provide controls consulting on projects related to information technology areas.
• Bachelors degree in a technology, audit or financial related field
• Minimum 4 years experience in IT auditing
• Recent experience conducting risk-based technical audits such as operating system, database, Firewall, application, data center, or web-based applications
• Certified Information Systems Auditor (CISA) or
• Certified Information Systems Security Professional (CISSP)
• Detailed technical knowledge of technical systems such as: Unix, iSeries, Windows, Oracle, DB2, SQL Server, Mainframe, Firewall, etc.
• Understanding of risks that impact an IT control environment and the related controls that mitigate those risks
• Familiarity with control frameworks/standards/guidelines, such as CobiT, COSO, FISCAM, NIST, and ISO.
• Leadership and management skills needed to coach, direct, moderate and coordinate a team to the successful completion of an audit/review
• Effective verbal and written communication
• Excellent presentation skills
• Interpersonal (listening, facilitating, interviewing) skills
• Analytical, project management and consulting skills
• Certified Internal Auditor (CIA), Project Management Professional (PMP)