Senior Technical Auditor

Technical Audit Sr Auditor - FT08AE

We're determined to make a difference and are proud to be an insurance company that goes well beyond coverages and policies. Working here means having every opportunity to achieve your goals - and to help others accomplish theirs, too. Join our team as we help shape the future.

Innovative, energetic, and dynamic team that delivers risk-based assurance and advisory services where it matters most to the company. We serve our stakeholders by providing valuable risk and control insights to our audit customers, influencing positive change.

This position offers the opportunity to analyze end-to-end IT & Security service operations and the complex tools and applications that enable them, which requires keeping pace with emerging technology and industry trends. In addition, you will review and analyze IT governance processes, as well as develop and perform continuous auditing techniques leveraging data analytics to provide ongoing insights on the health of the control environment for the Audit Committee of the Board of Directors and Senior Management.

• Diverse assignments in key IT service, technology, and security areas
• Progressively challenging assignments in high and emerging risk areas such as cyber, public cloud as a service, AI, DevSecOps, acquisitions, etc.
• Formal training on use of contemporary data analytics tools, and be given opportunities to leverage data analytics throughout the audit process
• Approximately 40 hours of continuing professional education each year, including training in technology, auditing, and personal development skills
• Opportunities to attain professional certifications in emerging, relevant technology areas (e.g., security, public cloud).

• Deliver risk-based assurance and advisory reviews in accordance with department professional standards in a team environment.
• Independently produce high quality work papers, clearly and comprehensively documenting understanding of control procedures and results of work performed.
• Effectively interface with 1st and 2nd lines of defense, including various levels of management, and have a working knowledge of effective governance processes for critical IT areas.
• Participate on all phases of the audit from planning to reporting, including understanding the technologies under review, how IT enables business operations, scoping the audit, identifying risks and controls, and designing and executing testing with minimal oversight.
• Examine key operational and information technology/security processes, leverage critical thinking skill to identify risks and ensure appropriate controls have been designed, and develop corresponding test procedures.
• Further technical knowledge through independent research/formal training and demonstrate a strong understanding when completing assigned work related to emerging technology risks for existing and new technology implementation efforts.
• Identify value-add improvement opportunities and control enhancements, effectively communicate audit issues and valuable recommendations in both technical and non-technical terms.
• Demonstrate understanding of data analysis concepts and practices.
• Possess an innovative mindset and contribute to process improvement initiatives, including establishment of continuous monitoring models across key IT controls and performance metric reporting.
• Demonstrate leadership through engagement and personal development.
• Familiarity with both industry frameworks/guidance (e.g., NIST CSF, CIS Critical Security Controls, etc.) as well as regulatory requirements (e.g., NY DFS 500, etc.) and an ability to assess against them.

• 4+ years of experience in IT/Security internal audit department, or equivalent IT/Security area. Experience in IT Audit with a Big 4 firm is a plus. Experience in auditing controls in the public cloud also a plus.
• Demonstrated ability to evaluate internal controls, effectively execute large portions of an audit independently, analyze and solve complex problems, conduct independent research, and express ideas clearly, concisely, and persuasively both verbally and in writing.
• Thorough and detail oriented, as well as possess ability to piece together the 'big-picture' (vision/strategy, forward thinker).

• Strong critical thinking and analytical skills, as well as project management experience in audit project setting.
• Deep knowledge of risk assessment; experience with optimizing processes is a plus.
• Desired candidate will have excellent written and verbal communication skills, and a history of demonstrated courage, conflict management, customer focus, dealing with ambiguity, interpersonal savvy, agility, and perseverance.
• Must be resourceful, adaptable, and able to effectively transition between priorities.
• Familiarity or proficiency with analytic tools and techniques, e.g., advanced Excel, SQL, Tableau, Python, is a plus.