Responsibilities

The IT Audit Manager is responsible for evaluating risks and controls for IT infrastructure, security and related processes.  This evaluation will be accomplished by conducting internal audit projects to include the communication of observations, risks, recommendations and conclusions reached, as well as providing consulting services regarding risk and controls on a wide range of projects and corporate initiatives.  Responsibilities include the review of infrastructure, security, processes and technologies, and IT operations.  Audit results reflect value-added recommendations, process improvements, strengthened internal control and business objective assessments.

 

Core Job Responsibilities:

Support project planning for Microsoft’s technology infrastructure, security, and general IT processes
Perform audits, consulting engagements, and other influencing activities of infrastructure technologies, security, supporting operations, and processes
Conduct reviews in highly technical areas of current/emerging technologies including Internet, Intranet, cloud, security, distributed computing, firewalls, and Windows Server
Remain current and increase knowledge in the areas of auditing, business, company products and company information and Microsoft technologies, applications and other related technologies, utilizing self-study and/or continuing education efforts.
Develop draft audit reports by identifying and gathering support for potential issues, and recommending solutions.
Utilize departmental audit systems to manage projects, work papers, risk assessment, reporting and reporting follow-up.
Communicate with departmental representatives and client management regarding the project status.
Coordinate with external auditors, and work with outside contractors with respect to specific IT audit engagements.
Establish and maintain strong customer relationships with internal and external customers, managers and staff.
Advise and influence a team of technical auditors; providing technical and quality oversight, advice to internal audit projects and consulting services regarding technologies, IT risk and controls, and provide guidance and training opportunities.
Qualifications

Minimum Qualifications:

A BS/BA degree, preferably in Finance, information systems, computer science, engineering or other related IT field or a minimum of 5 years of experience in Information Technology, hardware or software product development, IT audit, IT Assurance, IT Security operations or IT security architecture.
Proven team player with demonstrated skills working on strong, effective and self-directed teams
Ability to travel domestically and internationally for 2-3 week periods up to 20% of the year.

Specific Functional/Technical Skills:

Excellent understanding of concepts related to information systems audit, information security, general IT controls, application controls and technology risks.
Ability to communicate highly technical issues to both technical and non-technical audiences and demonstrated innovation in IT audit program development and delivery.
Knowledge of external leading risk and controls frameworks such as COBIT (Control Objectives for Information and related Technology), ISO27000, and IT related internal controls

The following are preferred:

MS or MBA in Computer Science, Information System Management, or Information Assurance.
Professional certification such as CISSP, GIAC, MCSE, CCNA, CISA, or CIA
Experience with networks, security and specialized skills and experience