Principal IT Auditor

At Northrop Grumman, our employees have incredible opportunities to work on revolutionary systems that impact people's lives around the world today, and for generations to come. Our pioneering and inventive spirit has enabled us to be at the forefront of many technological advancements in our nation's history - from the first flight across the Atlantic Ocean, to stealth bombers, to landing on the moon. We look for people who have bold new ideas, courage and a pioneering spirit to join forces to invent the future, and have fun along the way. Our culture thrives on intellectual curiosity, cognitive diversity and bringing your whole self to work - and we have an insatiable drive to do what others think is impossible. Our employees are not only part of history, they're making history.

• Leading and performing technology audits across domestic and international operations and subsidiaries.
• Developing and executing internal controls and associated test plans related to overall Information Security as well as general IT controls including, but not limited to, Access Control, Change Management, Server and Network Management, etc. Other areas may be audited based on risk assessments performed during audit planning.
• Examining and verifying IT systems and applications against policies/procedures to determine the design, reliability and effectiveness of internal controls, as well as ensuring compliance with relevant company policies/procedures, related contracts/agreements, and applicable laws.
• Ability to work on other types of audits (business processes, business sites and programs) across the company covering various functional topics and processes.
• Assisting with the planning and execution of audits using a risk-based audit approach, including assessment of controls.
• Establishing and maintaining cooperative working relationships with auditees and affected management.
• Proactively identifying regulatory, operational, and/or strategic risks to the organization and delivering recommendations for improvements to senior leadership.
• Supporting further development of data analytics audit techniques, utilizing continuous auditing and AI to identify issues, automate work, improve efficiency and effectiveness, and identify risk areas.
• Assisting in the evaluation of the potential effects on the Company and our internal audit approach of all newly established and/or potential business and regulatory requirement changes implemented by the Company and/or any other regulatory entities.
• Preparing presentations covering the various phases of an audit life cycle and presenting those materials to auditee and management including IA leadership.
• Being accountable for audit quality (well documented workpapers), accuracy of results, and delivery of audit work products in a timely manner.
• Developing workpapers meeting department and IIA standards.

• Strong problem solving and analytical capabilities, with a demonstrated ability to gather data, analyze trends, evaluate facts, form valid conclusions, and prepare and present concise oral and written reports.
• Ability to work independently or as part of a team, prioritizing multiple assignments and tasks, and simultaneously complete each in a timely fashion.
• Strong written and verbal communication skills.
• Ability to lead a highly engaged team with geographically dispersed team members.
• Ability to interact with and present to executive level management.

• Bachelor's degree in Information Systems/Technology, Cybersecurity, Business, Finance, Accounting, Data Science, or related field with 6 years of relevant experience OR 4 years with a Masters degree
• Familiarity with cybersecurity frameworks (i.e., NIST, COSO, COBIT, and/or ITIL) as well as third party assurance reports (SOC 1, 2, 3).
• Experience in IT or Operations, including areas such as Internal Auditing, Risk Management, IT Compliance, IT Project Management, and/or Information Security.
• Working knowledge of a variety of analytical tools (i.e., SAP, BW, the MS Office Suite) to analyze and interpret a wide variety of information.
• U.S. citizenship required.
• Candidates must have the ability to obtain a DOD Secret level security clearance as a condition of continued employment
• Ability to travel up to 50% of the time.

• Master's degree in Information Systems/Technology, Cybersecurity, Business, Finance, Accounting, Data Science, or related field with 4 years of experience.
• Experience auditing general computing controls and IT control testing of networks, applications, operating systems, and databases against standards like NIST 800-53 and NIST 800-171.
• Work experience in the Aerospace and Defense Industry / Government Contracting.
• SECRET or TOP SECRET Clearance (TS), TS SCI or TS SAP Access.
• Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Public Accountant (CPA), Certified Management Accountant (CMA), Project Management Professional (PMP), or other similar certification.