The Senior IT Auditor works as part of a team of IT Auditors to assess risk, evaluate controls and provide advisory services to FNF and its subsidiaries. This position supports a variety of audits encompassing information technology, security, general computer controls (including logical security, computer operations and change management), corporate initiatives, technology implementations as well as compliance/regulatory activites. This position will support the risk based IT Audit plan, leading and completing planning, fieldwork, and reporting activities. This position includes internal and external client interface, and as such requires strong professional presence, communication, and decision-making skills. The successful candidate will be capable of identifying and addressing audit issues across a variety of business areas and risk exposures, including technology, information security and operational systems of controls. The ability to establish relationships and credibility with clients as well as within the Audit team is necessary. A broad understanding of Information Technology, security, and controls as well as experience in the financial services industry is necessary.
Bachelor’s degree from an accredited college or university in Information Technology,
Information Systems, Accounting and/or Business
• Big four experience
• Master’s degree in information technology or related management field.
• CISA or CISSP, Security +, CEH is a requirement for this position. Other Certifications
(CIA, CFE, etc.) a plus. We will consider candidates who have passed the CISA and are
pending the work experience requirement.
• Microsoft Azure experience
• High tech or financial services experience, including working in highly regulated
environments.
• Experience with IT Standards; HiTRUST, COBIT, ISO 27001, ITIL, NIST, FFIEC
Standards.
REQUIREMENTS:
• (3-6) + years of experience in an IT audit function and IT/Information Security
experience
• Strong professional presence, communication, and decision-making skills.
• Strong understanding of IT risk and controls, project management and time
management skills.
• Experience leading IT and security audits and validations.
• Ability to establish relationships and credibility with internal clients.
• Familiarity and practical application of IT Security and control frameworks (e.g., NIST,
ISO, FFIEC IT Booklets, Cybersecurity Framework, COBIT, etc.)
• Proficiency in the following areas:
o Application Security
o Open Systems Interconnection (OSI) model
o Computer Operations (including job scheduling, monitoring, and alerting,
capacity, performance, and problem management)
o Information Security & Data Privacy Programs and Frameworks
o Network, Infrastructure Architecture and Security (including network
segmentation, firewalls, routers, VPN solutions etc.)
o Physical Security & Data Center Controls
o Systems Development (including SDLC and supporting tools AzureDevOps,
project management, and change control methodologies)
o Implementations (including upgrades and migrations)
o Business Continuity & Disaster Recovery
o Data Analysis using Excel, Access, or other tools.
Software Powered by iCIMS
www.icims.com