Under the general direction of the Director of Audit and Advisory Services, plans and executes internal audits of information technology areas and supporting infrastructures. These audits include, but are not limited to, testing internal controls; evaluating processes against applicable regulations, company policies, procedures, accepted professional standards and industry best practices; and making recommendations to improve processes and strengthen controls when deficiencies have been identified. Performs follow-up reviews on items identified in issued audits to ensure corrective actions have been implemented. Supports other internal audit staff with testing the technical components of operational reviews. Prepares comprehensive, well-written audit reports summarizing the audit scope, results of test work, findings and recommended corrective actions.
What's In it for You
Our purpose is to lead the way to tomorrow's energy network. Make a difference and impact millions of people who depend on electricity in their everyday lives.
You get to work on interesting and challenging assignments that will help grow your skill set.
You will work in an extremely collaborative environment inside our LEED certified Folsom, California campus.
You will be challenged, be a part of a winning team, and your contributions will be rewarded and recognized.
What you will be Doing
Lead, prepare and perform assigned audits: For each assigned audit, develop an audit kickoff memorandum; prepare an engagement planning memo that defines the preliminary audit objectives, scope and key risks; develop a risk and control matrix that defines the controls that appear to be in place to mitigate the risks and audit programs that define audit procedures that will be performed to test the controls; develop engagement working papers that provide clear evidence and support for audit conclusions reached, and prepare a well-written audit report that provides an overview of the area audited and clearly summarizes the results of the audit.
Executes audit test work, which may include utilizing data analysis software.
Conducts follow-up audits to ensure audit recommendations have been implemented and prepares memos summarizing the results of activities.
Provides consulting services, as requested, to assist management in meeting its objectives while maintaining independence and objectivity. Supports business units in identifying and evaluating process controls and advocates for sound process controls.
Performs special reviews and investigations as requested by ISO Executive Management and the Audit Committee.
Participates in the development of the annual internal audit risk assessment and audit plan.
Continually evaluates and enhances the internal audit framework and processes.
Adheres to the corporate records management policies, procedures and guidelines, including the approved records retention schedule. Maintains records using approved corporate tools, and stays abreast of required training.
Adheres to and supports the Core Values of the ISO.
May perform related duties and activities as assigned.
Level of Education and Discipline
A Bachelor's degree (BA, BS) or equivalent education, training or experience in Business Administration, Information Technology, Management of Information Systems, Accounting, Computer Science or related field.
Master's degree preferred.
Amount of Experience
Equivalent years of education and training, plus six (6) or more years related experience.
Certified Information Systems Auditor (CISA) desired
Certified Information Systems Security Professional (CISSP) desired
Certified Internal Auditor (CIA) desired
Type of Experience:
Solid understanding of information technology governance and best practices such as ISO, ITIL, SANS, and NIST and internal auditing standards promulgated by the Institute of Internal Auditors.
Experience conducting audits in areas such as application controls, information security, change management, business continuity and incident management.
Experience with sensitive investigations and conflict management.
Hands on experience with data analysis tools such as ACL and continuous monitoring.
Familiarity with the electric industry, ISO markets and processes and mandatory reliability standards is highly desirable.
Experience in data analytics, quality assurance, root cause analysis, or project management is desirable.
Additional Skills and Abilities:
Demonstrates fundamental management and leadership skills with the ability to work effectively in a team environment as a leader, facilitator and team member.
Ability to provide practical and feasible solutions to problems, taking multiple conflicting considerations into account.
Excellent interpersonal, communication, and writing skills required.
Excellent analytical skills are required, including the ability to effectively communicate complex technical materials and concepts in a non-technical manner.
Must be able to handle a dynamic and changing work environment, and work independently.
Strong computer skills in Microsoft Office Suite.
Self-motivated, with problem-solving skills and the ability to influence others without direct authority.
Experience in sensitive investigations, fraud identification, and problem-solving skills are desired.
About California ISO
The California Independent System Operator (ISO) manages the flow of electricity across the high-voltage, long-distance power lines that make up 80 percent of California's power grid. We safeguard the economy and well-being of 30 million Californians by operating the grid reliably 24/7.
As the impartial grid operator, the California ISO opens access to the wholesale power market that is designed to diversify resources and lower prices. It also grants equal access to 25,865 circuit-miles of power lines and reduces barriers to diverse resources competing to bring power to customers.
The California ISO's function is often compared to that of air traffic controllers. It would be grossly unfair for air traffic controllers to represent one airline and profit from allowing that company's planes to go through before others. In the same way, the California ISO operates independently—managing the electron traffic on a power grid we do not own—making sure electricity is safely delivered to utilities and consumers on time and reliably.