Senior IT Auditor
Chubb
- London
- Permanent
- Full-time
- Participate in IT audits and Sarbanes-Oxley (SOX) testing. As part of the IT audit responsibilities, the successful candidate will support risk-based audits and advisory projects for risk areas relating to IT such as operations, security and change management and other critical operational areas/functions.
- On assigned audits/project, take ownership on key components of the end-to-end audit process, such as audit planning (lead walkthroughs, draft risk assessments), fieldwork (provide testing oversight and/or execute testing), and reporting (draft audit reports/memos).
- Use problem solving and critical thinking skills to identify internal control deficiencies, evaluate their risk implications, and draw the appropriate conclusions to best advise management auditees.
- Play a substantive role with audit and SOX project management by managing request lists, providing regular status updates to IA management and auditees, and monitoring budget to actuals.
- Provide oversight to less experienced staff on assigned audits and SOX cycles. Additionally, perform testing for higher risk processes and controls.
- Build and nurture positive working relationships with management auditees.
- Contribute to IA's on-going focus to continuous improvement in our audit processes.
- A minimum of 3 years in internal audit experience.
- A minimum of 1-year leading audits and supervising audit staff is desirable.
- Experience with IT controls (e.g., application logical security, edit/validation testing)
- Experience in the insurance industry (e.g., Property, Casualty, A&H, etc.)
- Excellent written and oral communications skills.
- Must be a team player with proven track record of collaboration.
- Strong analytical skills with ability to understand complex processes.
- Strong project management skills required.
- Relevant degree.
- Relevant professional designations (e.g., CISA, CRISC, etc.)
- Familiar with IT Audit Concepts, including Information Security, Application Development Controls, Disaster Recovery, Computer Operations Controls, System Development and Implementation Controls.