Under direction of Project Manager or Principal Auditor, plan audits, determine scope and develop project specific risk and controls matrices. Perform walkthroughs, design effectiveness assessments and operational effectiveness testing, document issues for inclusion in formal audit reports, and follow-up with management on agreed correct actions. Work in teams on technology and integrated business audits, and where assigned, to supervise junior members of staff.
Responsibilities / Duties:
-
As directed by the Project Manager or Principal Auditor, plans audits, determination of scope and development of project specific risk and controls matrices.
-
Conduct audits of Information Technology infrastructure, operations, applications, development, and Cybersecurity to assess compliance with policies, standards, procedures, laws and regulations, the safeguarding of assets, and reliability and integrity of operating and financial information.
-
Work as the Cybersecurity audit specialist on integrated business process audits.
-
Effectively document assessment and testing results to support conclusions, findings and recommendations in alignment with department standards.
-
Assist with assessing risks and recommending changes to improve IT controls, and to negotiate solutions and corrective action plans.
-
Prepare input to the formal audit report and effectively communicate audit results to management.
-
As requested and under supervision, to lead less complex audits or sections of larger audits.
-
Work as an integral member of the Audit Services department to achieve departmental performance goals, which include completing the annual audit plan on a timely basis, within budget, and to defined standards and quality.
-
Represent the department as a business partner, adding value and supporting company objectives.
-
Be an ambassador for the department to maintain and enhance the standing of Audit Services and of its integral value to the business.
-
Assist in mentoring other auditors as requested and to develop and share center of excellence expertise.
-
Performs other duties as assigned (no more than 5% of job duties).
Qualifications
Education:
- Bachelor's Degree in any subject or equivalent experience, required.
Experience:
- 5+ years audit, risk and controls, IT, cybersecurity, or information security experience.
Licenses and Certifications:
- CISA, required.
- Other professional certification (e.g., CISM, CISSP, CIA.), preferred.
- Valid California Driver's License, required.
Other Qualifications:
- Ability to travel locally (San Diego and Los Angeles) 10-15%, nationally, and potentially international (Latin America).
- Fluent business Spanish is preferred, but not required.
- Position is based in downtown San Diego.
- Must reside in Southern California or be willing to relocate upon hire.
- We offer a hybrid work environment. Although the schedule may vary, typically this will allow you to work from the office three days per week and work remotely on the remaining workdays.
Sempra
101 Ash St
San Diego
California United States
www.sempra.com
