IT Auditor Professional

We are seeking a skilled IT Auditor to join our organization.

• Proficient in Schellman Methodology, showcasing expertise in IT auditing.
• Lead and guide associates and peers, providing guidance and support throughout projects.
• Obtain relevant certifications (ISO LA, CISA, CISSP, AWS CCP), ensuring up-to-date knowledge of industry standards.
• Successfully manage projects from fieldwork through completion, delivering high-quality results.
• Understand and articulate Schellman's service lines at a high level and their leaders, facilitating effective collaboration.
• Proficient in SOC 1 GITCs and each Security, Availability, Processing Integrity, Confidentiality, and Privacy SOC 2 criteria, demonstrating expertise in audit procedures.
• Understand Principal Service Commitments and System Requirements and how they impact scope of a SOC 2, ensuring comprehensive understanding of audit requirements.
• Know all four report opinion outcomes and draft modified opinions, exercising sound judgment and critical thinking skills.
• Identify potential exception(s) that may yield a qualified opinion, recognizing areas for improvement.
• Self-organized, proactive, and consistently look ahead to future projects, showcasing adaptability and resilience.
• Schellman Methodology
  Read STMV quarterly and apply concepts (sampling methodology, TA language structure, exception wording, etc.), staying up-to-date with industry best practices.
• Review and apply concepts of AS 2.0 Reference Guide, leveraging knowledge to drive project success.
• Review and apply concepts of EWP WP Guidance, embracing a culture of continuous learning.
• Obtain CCSK and pursue second certification (ISO 27001 LA, CISA, AWS CCP), investing in professional development and growth.
• Understand and articulate differences between SOC 1 and SOC 2, fostering a deep understanding of audit requirements.
• Participate on projects as a shadow or assessor for attestation offerings such as HIPAA, AUP, C5, etc., developing essential skills and expertise.
• Begin understanding SOC 1 GITCs and each SOC 2 criteria for the Security, Availability, and Confidentiality categories, solidifying foundational knowledge.
• Ability to articulate qualified vs unqualified opinion; know all four types of opinions, exercising sound judgment and critical thinking skills.
• Learn Schellman's services and service line leaders, cultivating relationships and building trust.
• Adhere to Associate Score Card and complete all matters, prioritizing tasks and managing time effectively.
• Accurately manage and report time worked to each project/initiative, maintaining transparency and accountability.
• Comply with Schellman's code of ethics and professional conduct, methodologies, policies, and procedures, upholding the highest standards of integrity.
• Adhering to professional and regulatory standards relevant to assigned service line specialization(s), staying abreast of industry developments.
• Promoting Schellman's company culture and exemplifying Schellman's values, embodying the organization's mission and vision.
• Establishing high-quality relationships and rapport with client personnel, building trust and credibility.
• Managing client expectations to ensure exceeded expectations, delivering exceptional results.
• Completing assigned duties in a timely manner and with high attention to detail, demonstrating a commitment to quality and excellence.
• Collaborating with fellow project team members in a productive and timely manner throughout the life cycle of each project, fostering a culture of teamwork and cooperation.
• Adhering to project schedules and keeping fellow project team members apprised of progress, ensuring seamless execution.
• Escalating issues internally in a proper and timely manner, exercising discretion and decorum.
• Using discretion and decorum in timing, form, and content of all client communications, maintaining professionalism and courtesy.
• Booking travel reservations in a timely manner and according to Schellman's travel and expense policies and procedures, streamlining business operations.
• Performing essential functions of other service delivery positions when qualified and called upon, demonstrating adaptability and versatility.
• Attending project kick-off and closing meetings, participating in key discussions and decision-making processes.
• Executing assigned testing procedures, performing detailed analysis, reaching conclusions, documenting results in accordance with company standards, and suggesting ideas for improvements where applicable, driving innovation and growth.
• Drafting project deliverables, creating clear and concise reports that meet client needs.
• Serving as contact for clients' basic questions regarding an engagement, providing prompt and courteous assistance.
• Participating in recruiting and candidate interview activities, contributing to talent acquisition and development.
• Training project team members, sharing expertise and experience to enhance team capabilities.
• Acclimating newer team members to Schellman, providing mentorship and guidance.
• Contributing to Schellman's practice development efforts, helping shape the organization's strategic direction.
• Developing expert knowledge of professional and regulatory standards relevant to assigned service line specialization(s), staying current with industry trends and developments.
• Contributing to Schellman's thought leadership (e.g., articles, webinars, public speaking, etc.), establishing the organization as a trusted authority in the field.

• Bachelor's degree in accounting, finance, business management, technology, or other relevant subject area, or equivalent years of experience directly related to duties and responsibilities specified.
• 2+ years of related professional services experience in information security auditing, assessment, consulting, or compliance, focused on ITGC or SOC controls.
• Ability to work well independently, within a team, and with clients, as well as travel ~40-50% (M-Th).
• Maintains (preferred) or working towards obtaining least one certification relevant to Schellman's services (i.e., CPA, CCSK, or CISA).

• Working knowledge of Schellman's services, methodology, and relevant professional standards.
• Requisite knowledge of applicable technology and security domains.
• High level of attention to detail and quality of work product.
• Client service oriented.
• Excellent time management, organizational, and verbal and written communication skills.
• Ability to work on-site or remotely as a valuable contributor to a collaborative team.
• Capable of simultaneously managing assigned tasks for multiple projects.
• Proficient using Microsoft Word, Excel, and PowerPoint, as well as Schellman's service delivery applications.
• Full understanding and application of ethics, independence, and Schellman's values.