Senior IT Auditor at CLEAR
With CLEAR, you are always you. CLEAR's mission is to enable frictionless and safe journeys using your identity. With more than 8 million members and 100+ partners across North America, CLEAR's identity platform connects you to the cards in your wallet - transforming the way you live, work and travel. Trust and privacy are the foundation of CLEAR. We have a commitment to members being in control of their own information and never sell member data. CLEAR is at the highest level of security by U.S. government regulators and is also certified as Qualified Anti-Terrorism Technology under the SAFETY Act.
The Senior IT Auditor, Internal Controls, will take a leadership role supporting our IT SOX Compliance program and Internal Audits within the Technology Organization and will report into the Head of Internal Audit and Controls. Ideal Candidate should have 3 years of SOX Audit experience in an IT environment or has worked within the IT framework of controls related to operating systems, networks, databases or
applications. Knowledge of Sarbanes Oxley (SOX) is required & Payment Card Industry (PCI), Health Insurance Probability and Accountability Act (HIPAA) processes is preferred.
What You Will Do:
- Assist with scoping SOX/PCI/HIPAA requirements and documenting operational processes, procedures, workflows, etc.
- Execute on day-to-day deliverables that support the ongoing compliance needs related to PCI and SOX. Coordinate activities to support the annual SOX auditing process
- Participate in departmental /process walk-throughs along with updating the corresponding SOX narratives, workflows and controls
- Work with process owners for the collection of audit requests/evidence throughout the audit cycle
- Perform/execute various monthly, quarterly, bi-annual and annual IT control and report status
- Perform management self-assessment of specific IT Controls
- Help to evaluate, monitor and resolve findings identified by internal and/or external audit team
- Expert in IT General Controls and Best practices
- Review SOC 1 and SOC 2 reports and help business with improving user access controls
- Participate in periodic status meeting with audit teams
- Coordinate activities to support the PCI compliance requirements, HIPAA, FISMA including Coordinate with QSA firm the annual penetration testing of in-scope applications and networks
- Track open issues identified through penetration testing through remediation
- Coordinate the bi-annual scans of Firewall and Routers and for addressing the identified discrepancies.
- Good knowledge of Audit Board or SOX Hub is preferred
- Ensure quarterly scans are performed and any identified issues are remediated
Coordinate annual training for End-Users and Application Developers
Who You Are:
- Bachelor Degree in Computers Science, Information Systems or Business Required and CISA Preferred
- Has a strong understanding COBIT, COSO, IT audit concepts, and leading business practices
- Recent Big 4 experience providing auditing or advisory-type services to Fortune 500 companies
- Knowledge of best practices around technology internal controls matters
- Proven ability to project manage complex engagements or programs
- Excellent oral and written communication skills and interpersonal skills
- Detail oriented, self-motivated with the ability to meet project deadlines and deliverables in a fast-paced environment
- Experience in risk management field (e.g., risk management, audit, compliance) desired. Strong knowledge of working in Audit Board (SOX Hub) preferred
- Effective ability to influence, drive change and resolve conflicts
- Experience working in a fast-paced environment
- Strong analytic, logical reasoning and problem solving and knowledge of cyber security related issues and best practices
- Strong project management skills to lead and prioritize multiple projects
- Demonstrated ability to drive change and continuous improvement
- Some travel may be required in the future, up to 5% travel
CLEAR is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.