Summary

Identify and mitigate risks inherent to the Company’s business. 

Evaluate the design and operating effectiveness of internal controls (IT/IS, policies and procedures, compliance related to cybersecurity, data security)

Advise leadership in effective and efficient risk management

Continuous process improvement

Some coaching and training of junior staff  

Duties and Responsibilities

• Evaluate and review test procedures (data management, app processing, security, systems, network infrastructure, operations, and support.
• Reporting
• Assess application configurations and access throughout the IT infrastructure.
• Identify opportunities for process and control enhancements and/or developing recommendations for risk mitigation.
• enhancement technology policies and procedures.
• Assessing system implementations for adherence to SDLC best practices.
• Identifying new rules issued by the applicable regulatory or governing body to remain current on auditing, emerging technologies, and regulatory trends.

Skills

• Ability to learn new technology concepts quickly
• Ability to interact with all levels of management.
• Strong communication skills
• Self motivated and ability to take initiative
• Experience with analyzing and understanding key data 
• Ability to meet critical deadlines
• Ability to work in a fast-paced environment
• Proficiency in Microsoft Office Suite (e.g., Excel, Word)

travel up to 20% within the U.S.

Other Experience - Education 

• Bachelor’s degree in Accounting, Information Systems, or Information Technology
• Minimum 4 years of experience in auditing, information technology, or IT risk management
• Advanced knowledge of Sarbanes/Oxley (SOX) and NAIC Model Audit Rule (MAR).
• Advanced knowledge of IT general controls and IT application controls that support financial and operational business processes.
• Knowledge of Windows and UNIX operating systems and Microsoft SQL Server and Oracle databases.
• Knowledge of frameworks (COSO, COBIT, NIST, ISO).
• Life insurance or financial services industry experience preferred.
• CPA, CISA, and/or CIA license preferred