Job Description

The ideal candidate will be responsible for audits and special reviews of the IT General Controls, IT Network and Infrastructure, Information Security, and IT Risk Management, with an objective to improve controls and efficiencies of the activities reviewed.

Job Requirements

• Design and execute IT audit strategy in conjunction with standards of the Institute of Internal Audit:
  • Conduct annual risk assessment to establish the annual audit plan
  • Plan and execute effective audit engagements
  • Establish and maintain effective relationships with IT personnel
  • Document audit observations clearly and completely
  • Assist IT Management in developing control activities and wording to aid in making testing more effective and efficient
  • Perform quarterly liaison meetings with management and control owners to document and understand processes or control changes, and keep current on the IT environment to assist in planning appropriate operational audits and address risks timely
• Conduct Sarbanes-Oxley information technology internal control reviews to ensure compliance with regulations and provide assurance to Management and the Board of Directors.
  • Schedule and plan reviews
  • Perform testing of information technology internal controls
  • Document and report findings to local and executive leadership
  • Provide assistance to external auditors
  • Recommend internal control improvements that may include operational enhancements or efficiencies
  • Identify opportunities to enhance key controls and their applicability to a respective application or IT system
• Conduct information technology operational and compliance reviews to ensure compliance with regulations and provide assurance to management and the Board of Directors. Examples of reviews include:
  • IT Security Risk Assessments
  • Third Party Application User Control Considerations Reviews
  • Cloud Environment Reviews
• People and Resource Management
  • Facilitate interaction with and provide assistance to external audit team, and IT second line of defense team
  • Manage individual workload and deliver to agreed upon project milestones
  • Proactively participate in career and skill development opportunities
  • Actively participate in HR development and performance measurement processes

Education/Certification

• Four-year degree in related field 

Qualifications

• 3 years of experience in public accounting, or internal audit of information technology, including a minimum of 2 years of experience with public company SOX internal controls and documentation.
• Experience in IT operational processes, security practices, and remediation.
• Experience using data analytics techniques as part of an IT audit and working knowledge of any data analytics (e.g., Power BI).
• Bachelor’s degree in related technical field from a four-year college or university.
• CISA, CISSP, or CIA highly preferred.

Skills and Abilities

• Ability to make decisions and take action with minimal supervision
• Ability to recognize and communicate business risks and suggest mitigating solutions
• Ability to prioritize and manage multiple responsibilities simultaneously
• Exhibit the leadership skills needed to obtain management concurrence for constructive change

• Strong verbal and written communication skills to effectively present to management and work within a team environment
• Ability to work independently and within a team environment

Preferable Knowledge

• Strong technical knowledge of a wide range of IT areas including software development and implementation, IT infrastructure, cloud technology, network operations, data centers, and cyber security.

• General IT knowledge in:
  • Change Management
  • Application Security
  • Access Security
  • Computer Operations
  • Segregation of Duties
  • Cloud Environments
  • SOC 1 Type II
• Knowledge of functions, applications, and security pertaining to:
  • Microsoft Active Directory
  • Windows , UNIX, and AS400 Operating Systems
  • Network & Infrastructure (ex: Cisco/Palo Alto firewalls, routers, and switches)
  • Database (SQL Servers & Oracle)
  • ERP:  Microsoft AX, Oracle, SAP ECC, NetSuite
  • Intrusion prevention and detection

Travel

• Minimal travel required

We offer a highly competitive salary, comprehensive benefits including: medical and dental, vision, disability and life insurance, 401K, PTO, tuition reimbursement, gear discounts and the ability to add value to an exciting mission!

Our Postings are not intended for distribution to or use in any jurisdiction, country or territory where such distribution or use would violate local law or would subject us to any regulations in another jurisdiction, country or territory. We reserve the right to limit our Postings in any jurisdiction, country or territory.

Equal Opportunity Employer Minorities/Females/Protected Veteran/Disabled

At this time, Vista Outdoor is closely monitoring the developments on the Occupational Safety and Health Administration (OSHA) COVID-19 workplace rule regarding COVID-19 vaccination or testing. You will not be asked any questions regarding these items during application.