SMUD is currently recruiting for an IT Auditor (J) to be part of its Internal Audit team at its Headquarters in Sacramento, California.
The mission of Internal Audit is to provide stakeholders with assurance, advice, and insight to support the achievement of SMUD’s strategic objectives. Internal Audit staff gain a broad perspective of SMUD operations through varied assignments, including special projects and audit engagements. As a key member of the Internal Audit team, you will partner with businesses across the entire organization to identify areas of risk, make valuable recommendations, and influence positive change.
You have the opportunity to contribute to a dynamic and evolving team that creates innovative solutions for SMUD.
This position will provide all levels of management and the Board of Directors with ongoing, objective analyses, evaluations and recommendations regarding established policies, procedures, and controls specific to Information Technology (IT) areas to ensure reliability/integrity of data, security and control of applications and systems, and economy, efficiency and effectiveness of operations.
Plan and execute high quality IT, other integrated audits, and special projects by collaborating with others within and outside of the department to identify areas of risk and opportunities for improvement.
Participate in the planning of audits to include identification and evaluation of objectives, inherent risks and controls.
Execute a comprehensive audit approach (to include planning and risk assessment, fieldwork, and reporting) to address IT, financial, compliance, and operational risks in accordance with IIA’s International Professional Practices Framework (IPPF).
Develop an understanding of the connections and relationships across business processes and systems to provide business units with new insights.
Effectively communicate issues and/or concerns to stakeholders and audit management throughout the course of the audit.
Prepare impactful reports that document the objectives, procedures, observations, and recommendations and also "tell a story" by focusing on the risks and the steps to addressing those risks.
Learn to act as a trusted advisor or consultant to other areas of the organization by providing advice on risks and controls, and developing potential solutions.
Utilize technical expertise and apply leading practices in advanced audit techniques, including risk assessment, data analytical and mining tools, and statistical sampling and provide assistance to the AQS team in these areas.
CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CIA and/or other related certifications
Excellent communication skills with the ability to "speak the language" to all stakeholders
Ability to understand and stay up-to-date on new technologies within a short period of time
Experience using audit management software to perform various audit techniques and analytical procedures
Experience working in and/or auditing within an SAP environment
IT experience, including application security, database administration security, information security, data privacy, and network infrastructure architecture and security
Experience in the utility industry, including an understanding of laws and regulations governing the industry (PCI DSS, HIPAA, and NERC)
5 or more years of progressively responsible relevant work experience in internal audit programs, including IT Operations/Systems, Information Security or Auditing, and at least 3 years of progressively responsible relevant work experience as an IT Auditor. If you do not have a degree as outlined below, four additional years of experience are required.
BA/BS degree from an accredited college or university majoring in Computer Science or Information Technology or related field or equivalent experience.
Knowledge and Skills:
IT auditing theory, techniques and procedures.
Computerized information systems and applications.
Administrative and IT controls.
Data base systems and data base query languages.
Operating systems (UNIX, Windows).
Telecommunications systems, mainframe, network, internet firewall, and PC security software.
Job control language (JCL).
Programming languages, local area networks/wide area networks (LAN/WAN), client/server environment.
PC hardware, PC software; audit software.
IT systems development methodology.
computer hardware and utilization.
Information security controls.
ITIL, accounting and administrative controls.
Management and organizational principles.
Relocation expenses are negotiable.
Internal Number: 2175BR
About Sacramento Municipal Utility District
SMUD is owned by you, our customers, so it's natural that we have your best interests at heart. We provide you complete energy solutions, which is good for your home, your budget, your business and our community.