Zenith is a team of Worker’s Compensation Specialists committed to helping businesses succeed by protecting against financial consequences of workplace injuries, providing for the needs of injured employees and making the workplace safer. Through placing values such as collaboration, work-life balance, and integrity at the center of what we do, Zenith transparently continues to exceed its’ limits and distinguishes itself as the desired provider of Workers’ Compensation Insurance. In addition, Zenith supports career advancement through a dedication to ongoing learning and development. An individual coming to Zenith will not only receive competitive compensation and a comprehensive benefits package, but continuous opportunities to grow as a professional.
Under the general direction of the Internal Audit Leadership, this individual works as part of the Internal Audit team to plan, develop, schedule, direct, and perform Information Technology (IT) audit activities for Zenith Insurance Company. Responsibilities include: preparation of IT-related risk assessment for specific audit projects, leading and conducting IT audits to address results from the risk assessments in compliance with Department and professional standards, maintaining a high skill level to comprehend technological changes and determine impacts to risks and related internal controls, the performance of managerial duties involving the IT Audit staff and other members of the Internal Audit Department on an audit project basis as well as developing an in-depth knowledge of Zenith’s core business processes to ensure key risks are appropriately controlled and managed.
The essential functions of this position include, but are not limited to, the following:
Lead, direct, and perform comprehensive information technology audit activities of key business applications for Zenith Insurance Company including:
Clearly understand the functionality of the business application and the key application controls
Conduct risk assessments of key IT-related processes and information assets
Prepare audit plans
Perform independent evaluation and audit/testing of internal controls while analyzing, documenting and determining the overall adequacy of internal controls based on the results of the risk assessments
Evaluate the consistency of procedures and their applicability across various financial application systems, hardware platforms, databases and operating systems
Identify internal control weaknesses and make recommendations for improvements, and monitor remediation plans
Assess opportunities to improve processes and identify opportunities for increased efficiency
Create and write audit reports summarizing the results of the audits for the Audit Committee of the Board of Directors,
Support the communication of audit issues and final results to the customer verbally and in written format
Coordinate with process owners to remedy identified exceptions and deficiencies through to remediation
Interact with external auditors to facilitate the test of internal controls over IT processes supporting financial reporting.
Create and update the existing documentation for changes in processes and prepare new or updated controls documentation, flowcharts and policies and procedures.
Provide technological guidance and support to the Internal Audit Department. Implement generally accepted standards for IT control and security practices such as COBIT (Control Objectives for Information and Related Technology) and SANS (System Administration, Networking, and Security) Institute within the IT audit work.
On a project by project basis, perform lead duties including review of test results, work papers and reports for IT Audit and review of work performed by business partners and other auditors.
Participate as an active member of IT project implementation teams identifying areas of implementation risk and business risk as well as identifying potential options for addressing the identified risks.
Utilize database queries as an audit tool for data mining in the Internal Audit Department.
Perform related duties and special projects as assigned.
Act as a strong team member.
Education, Skills, and Requirements
Bachelor degree in accounting, business, information technology, computer science, similar discipline or equivalent work experience. Master degree in a similar disciplines preferred.
A minimum of 4-6 of Information Technology auditing experience is required with a demonstration of increasing responsibilities.
CISA or pursuing a CISA certification is required.
CISSP, CISM, CGEIT, CRISC, CIA or CPA is a plus.
Work experience with COBIT (Control Objectives for Information and Related Technology) is required.
Knowledge and experience in reviewing audit test plans, developing documentation and conducting testing of Sarbanes-Oxley 404 compliance required.
Excellent organizational skills including ability to work under pressure and deal with multiple tasks.
Proficient in use of Microsoft Excel, Word, Visio, and other database software.
Ability to lead other auditors assigned to perform specific technical audit work.
Computer programming or report writer skills are preferred.
Auditing experience with client server (Windows, Linux), communication protocols (TCP/IP), database (Oracle) environments is preferred.
Auditing experience with business application systems is required. Working experience with Oracle Financials (OAP) application system and Oracle databases is preferred.
Auditing experience with Business Recovery Plans and contingency planning is preferred.
Working knowledge with encryption, firewalls, and network security features is preferred.
Working knowledge with web technology, web-enabled applications, and cloud technology is preferred.
Knowledge and experience with business and information technology in the insurance industry is a plus.
Strong management, analytical, communication, and interpersonal skills.
Detail oriented and deadline driven in order to complete tasks and meet required deadlines.
Ability to perform multiple projects simultaneously.
Knowledge of technology auditing control disciplines including but not limited to IT governance, application development, information security, and disaster recovery.
Strong written and verbal communication skills; ability to present analysis and conclusions with clarity and professionalism.
Exposure to Agile and DevOps development methods is preferred.
Information Technology Infrastructure Library knowledge is a plus.
Internal Number: 3965T02522
About Zenith Insurance Company
Zenith National Insurance Corp. is an indirect wholly-owned subsidiary of Fairfax Financial Holdings Limited. Zenith National Insurance Corp. is the holding company for Zenith Insurance Company and its subsidiaries, including ZNAT Insurance Company ("Zenith").
Zenith is primarily engaged nationally in the workers' compensation insurance business. Zenith conducts business in 45 states and the District of Columbia through independent agencies.
For more than 60 years, Zenith Insurance Company has been a specialist in workers' compensation. We’ve built our reputation as an industry leader by providing our customers superior service and achieving results that continually outperform the industry. We are committed to workplace safety and health, quality medical care, managing claim costs, returning employees to work, and fighting fraud and abuse.
In June 2014, A.M. Best Company affirmed the financial strength rating of A (Excellent) of Zenith National Insurance Corp. and its subsidiaries. For the latest rating, access www.ambest.com.