IT Auditor I/II
At Liberty Mutual, our purpose is to help people embrace today and confidently pursue tomorrow. That's why we provide an environment focused on openness, inclusion, trust and respect. Here, you'll discover our expansive range of roles, and a workplace where we aim to help turn your passion into a rewarding profession.
Liberty Mutual has proudly been recognized as a “Great Place to Work” by Great Place to Work® US for the past several years. We were also selected as one of the “100 Best Places to Work in IT” onIDG's Insider Pro and Computerworld's 2020 list. For many years running, we have been named by Forbes as one of America's Best Employers for Women and one of America's Best Employers for New Graduates—as well as one of America's Best Employers for Diversity. To learn more about our commitment to diversity and inclusion please visit: https://jobs.libertymutualgroup.com/diversity-inclusion
We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: https://LMI.co/Benefits
Liberty Mutual is an equal opportunity employer. We will not tolerate discrimination on the basis of race, color, national origin, sex, sexual orientation, gender identity, religion, age, disability, veteran's status, pregnancy, genetic information or on any basis prohibited by federal, state or local law.
This position plays a significant role in assisting Senior Executives with risk management, achievement of strategic objectives and fulfilling the Company's promise to its policyholders. As a trusted advisor, the Sr. IT Auditor I builds and cultivates effective business relationships while providing independent value-added audit and advisory services.
The Senior IT Auditor I participates as a lead staff on project teams that conduct independent assessments of Liberty Mutual's hybrid cloud (on premises data center, AWS, Azure, GCP) information systems, IT infrastructure, and IT internal control environment through the execution of risk analysis, incorporation of data analytics, utilization of data visualization, control evaluation, and innovative audit testing procedures and techniques.
Individuals in the Senior IT Auditor I role demonstrate the ability to independently apply the department's audit methodology. They participate on all phases of the audit from planning to reporting, including understanding the technologies under review, how IT enables business operations, scoping the audit, identifying risks and controls, designing and executing testing with minimal oversight and assistance with writing audit reports.
*** This is a range posting for grades 12-14. Grade level to be determined by hiring manager.***
1. Independently conducts thorough risk analysis, control identification and audit program development. Independently concludes on the effectiveness of controls and control gaps based on the results of testing. Demonstrates the ability to multi-task, by clearly documenting the results of testing on more than one audit concurrently.
2. Demonstrates technical knowledge of routine IT systems and processes and continues development of technical and intermediate analytical skills to understand more complex technologies. Interprets the associated risks, begins to develop a holistic view of risk, develops testing approach, and proposes solutions.
3. Furthers technical knowledge and demonstrates a strong understanding of the department's audit methodology, insurance industry concepts, Cyber Security, IT General Controls and Software Development Practices. Effectively demonstrates these capabilities when completing assigned work.
4. Effectively communicates audit issues and related recommendations in both technical and non-technical terms to Operational and IT management. Makes sound recommendations for audit finding rankings and effectively supports conclusions during discussions with audit clients.
5. Contributes to continuous improvement (CI) efforts. Begins leading root cause problem solving efforts and participates in department-wide CI efforts.
6. Demonstrates increased technical understanding of data analysis concepts practices, and emerging technologies. Effectively uses the department's data analysis software to facilitate audit scoping and testing and begins to identify opportunities to streamline and automate processes. Shares knowledge and experience with less experienced team members.
7. Utilizes analytic technologies and data to enable agile methodologies and approaches to deliver increased efficiency and deeper insights on risk assurance.
8. Takes an active role in facilitating the training and development of less experienced team members.
9. Aware of changes in IT audit practices, regulatory requirements, and IT Risk frameworks to understand their impact to Auditing and Liberty. (e.g. NIST Cyber, CSC, COBIT, ISO2700x)
- Requires in-depth IT Audit skills as typically acquired though a Bachelor's degree in Cybersecurity, Computer Science, Management Information Systems or a comparative field.
- Two or more years of IT Audit or information technology experience with a focus on security, risk management, or system development. Experience reviewing or administering Amazon Web Services, Azure, and Google Cloud Platform is a plus.
- Demonstrated ability to evaluate internal controls effectively execute large portions of an audit independently, analyze and solve complex problems, conduct research, and express ideas clearly, concisely, and persuasively both verbally and in writing. Demonstrates a strong understanding of business ethics.
- Experience using data analytics and visualization tools such as Power BI, Python, etc. is desired.
- CISA Certification is preferred. CISSP or other technical / IT security certifications are a plus. Excellent written and oral communication skills are required.