Sr IT Auditor - Dollar Financial Group
Dollar Financial Group, Inc. is a leading international financial services company serving under-banked consumers. Originally organized in 1979, our network now consists of nearly 1,324 retail storefront locations, multiple Internet websites and mobile phone and other remote platforms, we provide a variety of consumer financial products and services in seven countries across North America and Europe—Canada, the United Kingdom, the United States, Sweden, Finland, Poland and the Republic of Ireland.
To meet the needs of these customers, we provide a range of consumer financial products and services primarily consisting of check cashing, short-term consumer loans, Western Union money orders, Visa® and Master Card® debit cards, utility bill payments, currency exchange, electronic tax filing, secured pawn loans and gold buying services.
Our growth strategy is based on continued international expansion, breaking ground with operations in new geographies, broadening its product offerings, and developing a global internet-based lending platform. Emphasis on a diversified product and geographical mix significantly reduces the company’s economic and regulatory risk while providing us with multiple growth opportunities.
Dollar Financial Group is located in Berwyn, Pennsylvania and is traded on the NASDAQ under the ticker symbol DLLR. For more information, please visit our website at www.dfg.com.
The Sr. IT Auditor will perform complex level professional IT internal auditing work. This work involves conducting information technology audit projects and providing related consulting services to the organization’s staff. The Sr. IT Auditor will be responsible for identifying technology risks, and independently evaluating the efficiency and effectiveness of information technology infrastructure and application controls, including security and internal controls.
Education: BS in Accounting Information Systems, Accounting, Management Information Systems, or similar area of study. Holds or is pursuing CISA designation.
Experience: Strong background in IT risk assessment and auditing, including assessment of risks for IT operations, business processes, Sarbanes Oxley, and related SOX control testing.
2-4+ years of IT Audit experience, including 1-2 years of diverse, public company IT Audit experience in an external and/or Internal Audit environment. Big Four experience a plus.
Other preferred, but not required, experience and certifications include computer aided audit techniques and systems (i.e. ACL, IDEA, etc.) and/or professional certification (CIA, CISSP, CPA, etc.).
Skills: Excellent communication (verbal, written, active listening) skills.
Effective at identifying risks, control deficiencies and making recommendations to management to improve the overall control environment.
Considerable knowledge and skill in the following:
• Applying IT auditing principles and practices, and management principles and preferred business practices. Developing audit plans and preparing clear, organized working papers and support.
• Generally accepted IS audit standards, statements and practices, and IS security and control practices.
• Assessing the effectiveness of internal controls over key IT risks, identifying significant exposures and detecting changes in key risks and/or control effectiveness.
• Management information systems terminology, concepts and practices.
• Distributed technology (i.e. Windows NT and following versions), Web-based technology, and related infrastructure control issues
• System development life cycle methodologies and controls, including ongoing application change management.
• Establishing and maintaining harmonious working relationships with company management, co-workers and external contacts, and to work effectively individually as well as in a professional team environment.
• Identifies and evaluates the organization’s IT risk areas (sox and non-sox) and provides key input to the development of the Annual Audit Plan.
• Develops and maintains the company’s ITGC Sox process, risk and control documentation. Determine key IT risks and controls for Sox purposes and tests the operational effectiveness of related key controls. Documents and issues deficiencies and ensures that management remediates such deficiencies.
• Conducts audit procedures, including but not limited to the following:
➢ Conducting interviews;
➢ Documenting and evaluating processes according to audit department standards;
➢ Identifying and assessing financial, operational and/or compliance risks in the audit scope, identifying mitigating controls and determining whether such controls are effectively designed;
➢ Developing test scripts and sampling plans for Sox controls and testing the operating effectiveness of key financial reporting controls identified under the annual Sox plan and in accordance with Company Sarbanes Oxley testing standards;
➢ Developing audit programs and sampling plans for other/non-Sox internal controls and testing the operating effectiveness of such controls in accordance with Corporate Internal Audit standards;
➢ Carrying out relevant computer aided audit techniques;
➢ Reviewing for compliance with procedures as applicable in the circumstances;
➢ Reviewing and analyzing appropriate documents and evidence;
➢ Composing summary memos and preparing working papers;
➢ Identifying, developing and documenting audit issues and recommendations;
➢ Communicating the results of audit and consulting projects via written reports and oral presentations to management.
➢ Developing and administering surveys;
➢ Documenting audit planning, fieldwork and reporting procedures according to department standards and Sox standards, where applicable;
➢ Utilizing applicable audit working paper software to plan and document audits, report on results and archive working papers;
• Conducts IT audits of the following Sox and non-Sox areas:
➢ Network and application access/security
➢ Change management over operating systems, databases, other infrastructure systems/devices, and business applications (in-house/third party).
➢ Intrusion prevention, detection and response
➢ General data center operating controls
➢ Disaster recovery and business continuity.
➢ System development life cycle.
➢ Help desk
➢ Payment card industry compliance (PCI-DSS)
➢ Targeted firewall audits
➢ IT hardware inventory
➢ Other audits as necessary to evaluate the effectiveness and efficiency of other significant IT areas.
➢ Other General and transaction level application controls for significant systems as necessary and/or in connection with a financial or operational audit (coordinated approach between IT and operational auditors).
• Conducts data extraction, analysis, and security reviews utilizing software tools.
• Works collaboratively with IT staff to identify actions needed as a result of audit issues or other identified risks/issues.
• Ensures all audit procedures and activities are carried out and documented in accordance with Corporate Internal Audit standards, which include professional internal audit standards and applicable Company Sarbanes Oxley standards,
• Assesses information technology control elements to mitigate IT risks regarding the confidentiality, integrity and availability of business information.
• Develops and maintains productive client, staff, and management relationships through individual contacts and group meetings.
• Attends business unit governance or other applicable management meetings to maintain current knowledge of business unit activities and risks.
• Acts as liaison with IT business partners to ensure full understanding of data flow, data integrity and system security.
• Pursues professional development opportunities, including external and internal training and professional association memberships, and shares information gained with co-workers.
• Represents Internal Audit on organizational project teams, at management meetings and with external organizations.
• Performs related work as assigned.
Join our growing team today!
Apply online or Email your resume to email@example.com
- Please reference “ Sr. IT Auditor” in the subject line
- Only submissions with salary requirements will be considered.
- Relocation is not available for this position.
- Applicants must be eligible to work in the United States
- No solicitation from agencies or recruiters please
EOE Visit us online at www.dfg.com to learn more.