IT Audit Director

  • $160000 - $180000 per annum
  • Houston, Texas, United States
Leonid Group is privileged to be retained on a new search, with an esteemed client - a major oil and gas business, based in Houston. They’re looking to recruit for an IT Audit Director role, to oversee their global IT Audit operations.  

The IT Audit Director will have responsibility for implementing the IT Audit Plan, which includes discrete IT audit projects, consultative activities, and assessing the design and operating effectiveness of controls around the Company’s IT environment. The candidate should have a comprehensive understanding of cybersecurity leading practices, recent and emerging technologies (including data analytics, visualization tools, and RPA), IT audit concepts and the ability to independently execute SOX and other discrete audits through effective leadership of an IT audit team. The candidate should have consistently demonstrated initiative, a process improvement mindset, analytical thinking and problem-solving skills in a complex and progressive environment. The IT Audit Director should thrive on initiating, building, and cultivating authentic and trusted relationships with a focus on advancing the goals and the future of the Company. The IT Audit Director should embrace best practices and seek to integrate these practices into the daily operation of the function.


The Role

  • Develop a strong understanding of the Company’s key business processes, risks, and control activities for information systems, technical infrastructures, data centers, computer operations, and key applications.
  • Plan and execute global audits of IT general controls, application controls, and reports, including scope and risk assessment, development of audit procedures, review and analysis of evidence, documentation of processes, procedures, and test work.
  • Direct and supervise the design and successful execution of risk-based IT and integrated audit programs based on professional internal control frameworks (COBIT, COSO, NIST, ITIL).
  • Apply knowledge of business cycles to evaluate new applications by performing pre and post implementation reviews.
  • Incorporate data privacy, disaster recovery, and other emerging concepts into IT risk and control assessments.
  • Provide strategic and proactive consultation in identifying risk exposures and in evaluating solutions for internal control weaknesses.
  • Conduct and document IT walkthroughs with the purpose of identifying key controls and processes as well as proposing improvements.
  • Develop and execute test plans for key automated application controls identified during business process walkthroughs such as IT-dependent manual controls, system-generated reports, system interface controls, and calculations.
  • Manage internal audit IT professionals and conduct reviews of all test work to ensure alignment with IIA standards and Company policies and procedures.
  • Function as the primary contact to manage the external auditor IT relationship and develop an action plan to improve external auditor reliance.
  • Implement a quarterly control-self assessment process for IT to promote timely identification and evaluation of control exceptions.
  • Timely communicate audit status, issues, risks, and deficiencies to audit management and key stakeholders through periodic meetings and written media as necessary.
  • Present recommendations to improve the design and operational effectiveness of internal controls or to develop corrective actions that mitigate risk and/or improve business process efficiency/effectiveness.
  • Evaluate the adequacy and timeliness of management's response and progress of remediation efforts for all significant weaknesses noted in IT audit reports.
  • Continuously monitor for changes in the business and application population that may affect the risk environment and evaluate for required changes to the audit plan or to the scope of planned audits.
  • Identify themes, trends, and emerging risks for escalation and communication to IT leadership.
  • Promote the increased use of data analytics techniques to evaluate large data sets for trends and anomalies.
  • Focus on continuous improvement and identify opportunities to improve processes and procedures through automation.
  • Perform timely and constructive reviews of IT audit resources to recognize achievements and to identify developmental opportunities.
  • Build a best in class IT Audit function and promote succession planning opportunities through mentoring and coaching of team resources.

The Candidate

  • Bachelor’s degree in Information Systems, Information Technology, Computer Science, Accounting, or other related discipline.
  • Minimum 15 years combined IT-related audit experience with at least 5 years from Big 4 public accounting and remainder from an industry role in a listed company with increasing responsibility.
  • Professional certification (CISA, CIA, CISSP, CPA, etc).
  • Knowledge and application of US GAAP and Sarbanes-Oxley Compliance.
  • Experience using audit analytic tools such as ACL or IDEA.
  • Solid understanding of COBIT, COSO, NIST, ISO, and ITIL frameworks
  • Strong verbal and written communication skills with a demonstrated ability to articulate effectively and professionally.

Appliquer maintenant