The Team's Focus
TransUnion works with businesses and consumers to gather, analyze, and deliver critical information needed to build strong economies around the world. Protection of that information is critical to our customers and business. As a Sr. IT Auditor you will be part of the Global Internal Audit group and be responsible for conducting Cybersecurity and IT audit engagements throughout the organization that support business objectives, best practices, and regulatory requirements. The incumbent will be responsible for the planning, execution, reporting, and follow-up on all audit engagements by participating on an audit team or at times independently leading engagements under the direction of Internal Audit Management. Position requires travel (both US domestic and international) up to approximately 15%, however, the amount may change based on business needs.
What we'll bring:
A work environment that encourages collaboration and innovation. We consistently explore new technologies and tools to be agile.
Flexible time off, workplace flexibility, an environment that welcomes continued professional growth through support of tuition reimbursement, conferences and seminars.
Our culture encourages our people to hone current skills and build new capabilities, while discovering their genius.
Opportunities to expand your role, take on new challenges, and grow within our organization
What you'll bring:
2 years of experience in an IT Audit, Assessor, or Information Security role.
Bachelor's degree in computer science or management information systems.
Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of Information Security areas/domains. These include governance & risk management, access control, cryptography, physical security, security architecture and design, business continuity/disaster recovery, network security, application & operations security and compliance/incident management.
Demonstrated ability to understand complex technologies, business processes, regulations and emerging risks.
Strong understanding of SOX legislation and IT frameworks including COSO and COBIT.
Strong technical and/or IT audit background with practical knowledge of a wide variety of technologies including server infrastructure & operating systems, network & web infrastructures, database architecture, vulnerability assessment and intrusion detection/prevention systems.
Self-starter with the ability to manage and prioritize responsibilities.
Team player with proven skills in influencing people without having direct management authority.
Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately.
Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person.
Strong risk analysis and problem solving skills.
Must be flexible to ensure assessments are performed timely and be able to manage multiple assessments simultaneously.
Industry certification such as CISSP or CISA required.
Big 4 experience is a plus.
Impact you'll make:
Performing detailed examinations of cybersecurity and IT practices and controls throughout the organization using an established assessment process and framework. The essential duties are as follows:
Assist in developing risk based annual audit plans
Coordinate with process owners to initiate, scope, plan, and conduct periodic controls assessments to identify areas of risk by evaluating the design and operating effectiveness of Information Technology General Controls (ITGC) over applications, operating systems, and databases as well as the network infrastructure.
Lead engagements and communicate issues to process owners, ensuring their understanding of associated risks and the actions needed to remediate those risks.
Document the results of audit procedures performed that support the conclusions reached.
Prepare audit reports based on the adequacy and effectiveness of controls evaluated.
Track and monitor open audit issues for remediation by working with process owners.
Communicate with external auditors and support their initiatives effectively from an IT audit standpoint.
Research security trends, threats, and prevention technologies.
Participate in departmental initiatives, administrative matters, and special projects.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.