Principal IT Auditor (Hybrid)

at Ace Hardware in Oak Brook, Illinois, United States

Job Description

About This Role

The primary purpose of the Principal IT Auditor is to assist Ace management to evaluate and improve the effectiveness of our organization’s IT risk management, control, and governance processes. The focus of this role will be to independently perform timely, quality IT audits for all corporate (domestic and international) departments, manufacturing facilities, distribution centers, subsidiaries, and service lines of business.

What You’ll Do

+ Independently completes assigned IT audit engagements (on time and within assigned budgeted hours) following a standard audit methodology.Principal IT Auditors are responsible for development and completion of the entire audit project from scope creation through to issuance of the final audit report and issue follow-up activities.

+ Completes walkthroughs, testing, and workpaper documentation with minimal oversight or involvement from their direct manager.

+ Management review comments related to testing workpapers, audit reports, and other audit documentation are minimal and rarely result in the addition of extra testing areas or audit steps.

+ Performs and completes audit projects at or under the originally budgeted hours.

+ Meets calendar week deadlines indicated in the project timeline as agreed to by their direct manager.

+ Demonstrate the ability to compose and confidently deliver effective oral and written communications (e.g., project milestone updates, audit reports, etc.) aimed at all levels within the Ace organization (e.g., free of technical jargon).

+ Keep their direct manager adequately and timely informed throughout the audit project and have the discernment to know when the manager should be brought in versus when the IT Principal should resolve issues themselves.

+ Use effective communication skills to positively influence auditee behavior

+ Optimize use of all automated tools available within the organization.

+ Develop working knowledge of other types of audit, IT, and data analytical tools to assist the department in improving the overall effectiveness of the group.

+ Principal IT Auditors need to be flexible and gain adequate (preferably expert) knowledge to make effective use of Ace’s various data warehouses – including SAP, Power BI, Webfocus, Infopac, Planview, ADW, WMOS, various data dashboards, etc.

+ Support Audit Services management in developing and executing a data analytics methodology throughout all audit projects.

+ Utilize various in-house computer applications (e.g., Microsoft Office, SAP, Power BI, etc.) to facilitate successful completion of assigned audit engagements.

+ Work closely with the Audit Services Business team in planning, supporting, and executing data analytics including identification of data sources, data extraction, data validation, targeted sample selection, root cause analysis, and documentation of results.

+ Regularly seek internal and external training in order to improve upon existing data analytical skills with the goal of providing this service to the rest of the audit department.

+ Develop working knowledge and understanding of GAAP as well as key auditing standards.

+ Demonstrate ability to identify risks surrounding IT general controls:Change Management, user access security, logical security, back-up and recovery, password configuration, business continuity planning, application controls, system development methodologies, etc.

+ Document learnings to ensure technical knowledge is being consistently developed, maintained, and applied to relevant projects.

+ Search for meaningful training opportunities to grow their skillset and to share new concepts with other members of the Audit Services team.

+ Demonstrate the ability to work independently in a deadline-focused, fast-paced environment, while providing timely project status updates to Manager.

+ Demonstrate the ability to develop and enhance positive relationships with our audit clients by gaining a better understanding of overall IT risks, issues, and concerns – both holistically across the company and within their particular line of business.

+ Participate in non-audit related company activities to obtain this deeper understanding of IT risk and to enrich our current relationships and influence within the organization.

+ Demonstrate team-oriented project management and leadership skills and consistently make suggestions to improve the overall audit process

+ Supervising performance of assigned Summer intern audit projects (if available).

+ Supervising performance of audits performed by co-source partners.

+ Performing other oversight functions (e.g., EY workpaper review, consulting budget monitoring, etc.).

+ Maintaining excellent working relationships with audit team members and auditees during and after audit projects.

+ Actively pursuing opportunities to coach or mentor other team members and solicit periodic feedback from the Audit Services management team.

+ Frequently seek out additional responsibilities and opportunities to grow within their role.

Who You Are

As Ace’s Principal IT Auditor, you demonstrate the ability to evaluate, identify, and suggest ways to minimize potential risk within the IT systems that house all information assets. You love to verify the reliability and integrity of these systems and analyze related data to ensure our assets are secure. In addition, you love to collaborate effectively with peers, business partners, and your direct reports by sharing valuable IT knowledge and continually building positive relationships.

Required Skills

+ Bachelor’s Degree with focus in Accounting, Finance, Business, Computer Science, Information Technology, or Information Systems is required .

+ 7+ years’ experience in Internal IT Audit is required .

+ 7+ years’ experience in Accounting, Finance, Business, or IT/Information Systems is preferred.

+ Previous experience identifying, documenting, and evaluating IT specific general system controls with industry knowledge (e.g., distribution, manufacturing, or retail) is required .

+ Experience reviewing, conducting, and identifying risks surrounding additional IT general controls (ITGC): Change Management, user access security, logical security, back-up and recovery, password configuration, business continuity planning, application controls, system development methodologies, etc., is highly preferred.

+ Previous experience developing, documenting, and identifying controls within an ERP system (e.g., SAP) is required .

+ Experience working with SAP, mainframe, and distributed platforms as well as knowledge of Windows, UNIX, and Relational Database Management Systems is highly preferred.

+ Previous experience independently developing full, risk-based IT Audit Reports (encompassing root cause analysis related to issue development) is required .

+ Ability to minimize technical jargon in Audit Reports and when speaking with all levels of Management is highly preferred.

+ Excellent written and oral communication and presentation skills are required .

+ Excellent project management skills are required .

+ Experience with basic technological applications (i.e., Microsoft Office) is required .

+ Experience effectively utilizing data analytics is required .

+ Ability to establish effective internal & external working relationships is required .

+ Ability to work independently in a deadline-focused, fast-paced environment, while providing timely project status updates to Manager is required .

+ Ability to effectively perform leadership functions by directly managing the Summer Intern and/or indirectly managing Senior Auditor or Co-source audit partner projects is required .

+ Ability to effectively manage and/or perform other oversight activities (e.g., completion of non-audi