Clicking "Apply Now" opens the link in a new window.Job Summary
As a member of the University Audits IT Audit team, the individual hired will be responsible for performing complex audits of all aspects of information technology. Information Technology audits provide objective verification of effectiveness and efficiency of processes, controls, and security of IT systems in all areas of the university. The audit process includes planning, risk assessment, internal controls analysis, documentation, writing of audit reports, and communications with audit clients. Audit tasks include gathering evidence, conducting interviews, understanding, and documenting client processes, conducting audit testing, assessing evidence and test results, drawing conclusions, and documenting work performed. Deliverables include written reports that address mitigation of risk, efficiency, accountability, improved compliance, and mitigation of security vulnerabilities.
Candidates should demonstrate expertise related to information systems auditing, including: understanding security and control risks in the areas of logical and physical security, access controls, change management, data security, recovery and continuity practices, and networking technology.
Candidates should possess proven experience collecting and analyzing complex data, evaluating information and systems, drawing logical conclusions, and working collaboratively. A working knowledge of information technology and security best practices, control frameworks, business process mapping, and risk and controls identification are required.
A Bachelor's degree in management information systems, accounting, computer science, or equivalent is needed. Relevant information technology experience and/or audit experience in a sophisticated information technology environment is necessary. Excellent written and verbal communications and strong interpersonal skills are required.
Candidates should understand the concepts of internal controls in an IT context and risk assessment. However, inquisitive individuals with strong IT technical skills who are willing to learn auditing, are also encouraged to apply.
This position requires a proven track record of organizational, time management, and leadership skills; including the ability to successfully manage multiple projects simultaneously. Ability to work effectively and collaboratively as a team member within a diverse work group and the wider university community is a must.
Diversity, equity, and inclusion is critical to the teaching, research and service missions of the university. Therefore, the University of Michigan and University Audits are committed to enhancing diversity, equity, and inclusion. This position requires commitment to diversity, equity, and inclusion.
Knowledge of the NIST cybersecurity framework
Knowledge of the Center of Internet Security (CIS) recommended controls
Knowledge of security tools, vulnerability scanning, and penetration testing
CISA, CIA, CISSP, or relevant SANS certification is a plus.
The position may be filled at an auditor level.
Job openings are posted for a minimum of seven calendar days. This job may be removed from posting boards and filled anytime after the minimum posting period has ended.
U-M EEO/AA Statement
The University of Michigan is an equal opportunity/affirmative action employer.
Job Opening ID 162974
Working Title Internal Auditor Senior - IT
Job Title Internal Auditor Senior
Work Location Ann Arbor Campus
Ann Arbor, MI
Full/Part Time Full-Time
FLSA Status Exempt
Organizational Group University Audits
Department University Audits Office
Posting Begin/End Date 9/26/2018 10/14/2018
Career Interests Finance
University Of Michigan