Information Technology Auditor Job Listing at OnPoint Community Credit Union in Portland, OR (Job ID 1414)

Description

Job Summary

As an IT Auditor at OnPoint Community Credit Union, you will play a vital role in ensuring our information technology systems and processes effectiveness, security, and compliance. Under the direction of the Chief Audit Officer, you will be responsible for evaluating the integrity and reliability of our IT infrastructure, identifying potential risks, and recommending necessary controls and improvements. Your expertise in auditing, technology, and regulatory compliance will contribute to maintaining the trust and confidence of our members while safeguarding their financial assets.

Key Responsibilities

• Conduct IT audits: Perform comprehensive audits of our credit union's IT systems, networks, databases, and applications to assess their efficiency, security, and compliance with relevant regulations, industry best practices, and internal policies.
• Risk assessment: Identify and evaluate potential risks and vulnerabilities in our IT infrastructure, including cybersecurity threats, data breaches, system failures, and regulatory non-compliance.
• Control evaluation: Assess the effectiveness of existing IT controls and safeguards to ensure they adequately mitigate identified risks and comply with industry standards and regulatory requirements.
• Compliance assurance: Review and verify compliance with relevant laws, regulations, and industry guidelines, such as the Gramm-Leach-Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI DSS), Federal Financial Institution Examination Council (FFIEC), and National Credit Union Administration (NCUA) regulations.
• Audit planning and execution: Develop comprehensive audit plans, including scope, objectives, and methodologies, and execute audits within established timelines, ensuring adherence to auditing standards and guidelines.
• Documentation and reporting: Prepare clear and concise audit reports detailing findings, recommendations, and remediation strategies. As necessary, communicate audit results to relevant stakeholders, including senior management, IT teams, and regulatory authorities.
• Continuous improvement: Stay updated on emerging IT risks, technologies, and industry trends. Recommend and implement enhancements to internal controls, processes, and policies based on audit findings and industry best practices.
• Collaboration and coordination: Collaborate with cross-functional teams, including IT, security, compliance, and risk management, to ensure coordinated efforts in addressing IT-related risks and implementing necessary controls.
• Training and awareness: Provide guidance and training to staff members on IT controls, security awareness, and compliance requirements to foster a culture of security and risk management within the organization.
• Audit follow-up: Monitor the implementation of audit recommendations and track progress on remediation activities. Conduct follow-up audits to assess the effectiveness of corrective actions.

Qualifications and Skills

• Minimum of 4 years auditing information technology systems.
• Bachelor's degree in information systems, computer science, accounting, or a related field. Relevant work experience may substitute the before-mentioned degree. 
• Professional certifications such as Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or similar qualifications are preferred.
• Solid understanding of IT audit principles, methodologies, and best practices.
• Knowledge of financial industry regulations, including GLBA, PCI DSS, FFIEC, and NCUA requirements.
• Familiarity with IT governance frameworks, such as COBIT or ITIL.
• Strong analytical and problem-solving skills with attention to detail.
• Excellent written and verbal communication skills, including the ability to convey complex technical concepts to non-technical stakeholders.
• Proficiency in using audit tools, data analysis software, and productivity applications.
• Prior experience in IT auditing, risk management, or compliance within the financial services industry is advantageous.
• Understanding of technical components including Routing and switching, Client/Server, Relational Database Systems, Firewalls, SIEM technologies, and Active Directory
• Ability to work independently, manage multiple priorities, and meet deadlines.

At OnPoint, we believe a workplace that reflects the richness of the world fosters a welcoming and empowering environment for everyone. We're committed to equity and inclusion, and consider all qualified applicants embracing every race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and your unique background.

We encourage you to apply if you're passionate about this opportunity and have the core qualifications. Your unique experiences and skills are what make you a strong candidate. Don't let imposter syndrome hold you back! Our recruitment process is designed to be inclusive and accessible to all. If you need any accommodations during the application or interview stage, please let us know. We're dedicated to providing what's necessary to ensure a fair and inclusive experience.