Description
JOB SUMMARY
Evaluates processes, procedures, and internal controls over operations and IT processes, systems, and applications throughout the organization. Documents evaluations clearly, completely, and in accordance with internal auditing standards.
JOB DUTIES
- Understands and applies principles, theories and concepts related to the profession and ERCOT's culture.
- Exercises judgment within defined procedures and practices to determine appropriate action.
- Impact is generally limited to specific assignments or projects.
- May respond to inquiries and/or provide assistance and/or guidance to lower level workers.
ADDITIONAL JOB DUTIES
Level 1
- Participates in audits at all levels of management and staff throughout the organization
- Reviews policies, procedures and other related documentation to obtain understanding of each area being audited
- Follows audit program with specific testing criteria to evaluate risks and controls within the audit area
- Ensures adequate internal controls are maintained by following up on prior audit recommendations
- Documents all work thoroughly and completely to support audit results. Adheres to the standards of the Internal Audit profession
- Assists with drafts, reports and other formal communications on the results of each audit with review by a Lead Auditor or the Director, Internal Audit
- Builds knowledge to achieve proficiency for conducting internal audits and business reviews independently
Level 2 - Above +
- Conducts audits with all levels of management and staff throughout the organization
- Identifies risks within each audit area
- Develops audit programs with specific testing criteria to evaluate risks and controls within the audit area
- Recommend improvements in procedures, processes and operations across the organization
- Draft and issues reports and other formal communications on the results of each audit
Level Senior - Above +
- Identifies risks within each audit area and may initiate investigations and audits to mitigate risk impacts and strengthen controls
- Review work papers for completeness, accuracy, and adherence to professional practices standards.
- If assigned by the Director of Internal Audit, monitors ERCOT's standards of conduct and ethical relationships with market participants, stakeholders, regulators, suppliers, and employees
- Drafts and issues reports and other formal communications on the results of each audit
- Provides training to new employees and contractors along with refresher training for current employees about audit process, procedures, and proposed operational changes Petitions management for investigations and audits to mitigate risk impacts and strengthen controls Interfaces with external auditors when engaged to jointly review, evaluate and report findings on internal processes, controls, and business results
- Oversees report draft and editing, and reviewing work papers for accuracy that are done by more junior audit team members
- Participates on cross functional project teams or consulting activities utilizing operations and Information Technology principles, Standards, and controls.
- Has obtained specialized technical skills and competencies.
- Works on audits with diverse ambiguous scope requiring significant and complex data retrieval and analysis
EXPERIENCE
- Level 2: Requires minimum 2 years job related work experience in excess of degree requirements
- Level 2:: Requires minimum 2 years progressively responsible experience in auditing and a track record of proven experience in either successfully leading audits and first time performed' audits, or completing fieldwork on technical industry specific subject matter areas.
- Level Senor: Requires minimum 5 years job related work experience in excess of degree requirements
- Level Senior: Requires minimum 5 years progressively responsible experience in auditing and a track record of proven experience in either successfully leading audits and first time performed' audits, or completing fieldwork on technical industry specific subject matter areas.
- Prefer experience auditing against IT governance frameworks, risk management, and control environments (e.g. NIST,ITIL, ISO, COSO)
- Prefer experience auditing information security, cloud technologies, Artificial Intelligence technologies, change and release management, configuration management, software licensing, identify and access management, disaster recovery, and cyber security
- Prefer knowledge of IT organizational structures, infrastructure, architecture, and technology stacks
- Prefer knowledge of databases, applications, storage, and networking processes and controls
EDUCATION
- Bachelor's Degree: Computer Science, Information Technology, Cyber Security, Accounting, Finance, Business Administration or related field is required (Required)
- or a combination of education and experience that provides equivalent knowledge to a major in such fields is required
CERTIFICATION
- CISA Certified Information Systems Auditor (preferred)
- CIA Certified Internal Auditor (Preferred)
- CISM, Certified Information Security Manager (Preferred)
- CISSP, Certified Information System Security Professional (Preferred)
Contact
Electric Reliability Council of Texas
Texas United States
www.ercot.com
From the same organization
