Under direction of the Project Manager or Principal Auditor, plan audits, determine scope and develop project specific risk and controls matrices. Perform walkthroughs, design effectiveness assessments and operational effectiveness testing, document issues for inclusion in formal audit reports, and follow-up with management on agreed corrective actions. Work in teams on technology and integrated business audits, and where assigned, to supervise junior members of staff.
Duties and Responsibilities
- As directed by the Project Manager or Principal Auditor, plans audits, determination of scope and development of project specific risk and controls matrices.
- Conduct audits of Information Technology infrastructure, operations, applications, development, and Cybersecurity to assess compliance with policies, standards, procedures, laws and regulations, the safeguarding of assets, and reliability and integrity of operating and financial information.
- Work as the IT audit specialist on integrated business process audits.
- Effectively document assessment and testing results to support conclusions, findings and recommendations in alignment with department standards.
- Assist with assessing risks and recommending changes to improve IT controls, and to negotiate solutions and corrective action plans.
- Prepare input to the formal audit report and effectively communicate audit results to management.
- As requested and under supervision, to lead less complex audits or sections of larger audits.
- Work as an integral member of the Audit Services department to achieve departmental performance goals, which include completing the annual audit plan on a timely basis, within budget, and to defined standards and quality.
- Represent the department as a business partner, adding value and supporting company objectives.
- Be an ambassador for the department to maintain and enhance the standing of Audit Services and of its integral value to the business.
- Assist in mentoring other auditors as requested and to develop and share center of excellence expertise.
- Performs other duties as assigned.
Note: This is an internal audit position whose role is to provide assurance over the effectiveness of IT and cybersecurity controls for business applications and technology infrastructure in IT, operational technology, and cloud environments. Audit Services operate in conformance with the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing.
Qualifications
Education
- Bachelor's degree in any subject or equivalent experience is required.
Experience
- 5+ years of experience in audit, risk and controls, IT, cybersecurity, or information security experience is required.
- Must reside in Southern California or be willing to relocate upon hire.
- We offer a hybrid work environment. Although the schedule may vary, typically this will allow you to work from the office three days per week and work remotely on the remaining workdays.
Skills and Abilities
- Ability to travel locally (San Diego and Los Angeles) 10-15%, nationally, and potentially
international (Latin America). - Fluent business Spanish is preferred but not required.
Licenses and Certifications
- CISA is required.
- Other professional certification (e.g., CISM, CISSP, CIA.) is preferred.
- Valid California Driver's license is required.
Sempra
101 Ash St
San Diego
California United States
www.sempra.com
