You’ll be required to register in our HR portal if you haven’t already done so.
Reporting to the Senior IT Audit Manager, this role will plan, perform and report on audits of system development projects and IT application systems, infrastructure and support functions, and all aspects of ISO-NE cyber security processes and NERC Critical Infrastructure Protection (CIP) compliance. The role also participates in external audit support activities, annual audit planning and risk assessment activities, and special projects such as implementation and maintenance of the RSA Archer Governance, Risk Management and Compliance (GRC) tool and development and use of data mining/data analysis tools.
Position requires 5-10% travel with the need for 1-2 overnights.
How You Will Make an Impact
- Perform fieldwork for internal audits of system development projects and IT application systems, infrastructure and support functions in the Energy Management System, Market Systems and Corporate Systems areas, cyber security processes and CIP compliance
- Assist with assessing risk, audit planning and performing detail audit fieldwork for IT related areas of business operations audits
- Provide guidance and supervision to other IAD staff, external consultants and/or summer college interns
- Participate in activities in support of external audit engagements, including the SOC 1 engagement IT controls testing, audits of Participant activities (IT cyber security and Energy Management System support reviews at the New England Local Control Centers) and cyber security related audits of vendor functions
- Participate in special projects (e.g., management requests, consulting activities, high level reviews, implementation and maintenance of the RSA Archer GRC Tool, ACL data mining/data analysis tool, etc.)
- Participate in the annual audit risk assessment, audit planning activities, and development of the 15-month audit work plan
- Help with training and development of audit staff, particularly in areas of specific technical expertise
What We Look For
- A Bachelor’s degree in accounting, auditing, business administration or a related discipline or equivalent education/experience is required. A Bachelor’s degree in a technical discipline such as engineering, information systems or computer science may substitute for the degree in accounting, auditing or business administration
- 7 to 10 years of internal or external audit experience is required
- Extensive knowledge of internal control concepts and auditing/consulting techniques and principles is required
- 7 to 10 years of experience in specialized technical fields (e.g., IT areas including development, programming, computer operations, technical infrastructure or cyber security) and the related level of knowledge may substitute for all or part of the auditing experience and knowledge
- Strong analytical, interpersonal, oral and written communication skills and proficiency in PC-based tools such as Microsoft Word, Excel, PowerPoint and SharePoint
Desired But Not Required
- Graduate degree in business administration, accounting or auditing or a technical discipline such as engineering, information systems or computer science is desirable
- ISO and/or utility experience is highly desirable
- Experience and knowledge in using automated risk management and audit tools such as the RSA Archer GRC Tool and the ACL data mining/data analysis tool is desirable
- Certified Information Systems Auditor (CISA), Certified Public Accountant (CPA), Certified Internal Auditor (CIA) or similar professional designation is desirable
- Other designations related to technical fields such as the Certified Information Systems Security Professional (CISSP) designation or the SANS Global Information Assurance Certification (GIAC) designations are also desirable
Work collaboratively with teammates and build relationships across departments.
ISO New England is located in Holyoke, MA. The company provides a base salary plus bonus, competitive Medical and Dental plan, paid vacation, 401k with company match, retirement plan and more. All benefits start on your first day.
We are proud to be an EEO/AA employer. Applicants for employment are considered without regard to race, creed, color, citizenship, religion, sex, sexual orientation, marital status, national origin, age, disability, status as a veteran, Vietnam Era Veteran, or being a member of the Reserves or National Guard.
We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Social Networking Notice
ISO New England reserves the right to review the candidate's postings on any social networking site accessible in the public domain as part of the candidate assessment process.