Global IT Audit Analyst
What We'll Bring
TransUnion works with businesses and consumers to gather, analyze, and deliver critical information needed to build strong economies around the world. Protection of that information is critical to our customers and business. As a Sr. IT Auditor you will be part of the Global Internal Audit group and be responsible for conducting Cybersecurity and IT audit engagements throughout the organization that support business objectives, best practices, and regulatory requirements.
The incumbent will be responsible for the planning, execution, reporting, and follow-up on all audit engagements by participating on an audit team or at times independently leading engagements under the direction of Internal Audit Management. Position requires travel (both US domestic and international) up to approximately 15%, however, the amount may change based on business needs.
What You'll Bring
3 – 4 years of experience in an IT Audit, Assessor, or Information Security role.
Bachelor’s degree in computer science, management systems or related field.
Demonstrated in-depth knowledge of concepts, best practices and controls in a breadth of Information Security areas/ domains. These include governance & risk management, access control, cybersecurity, physical security, security architecture and design, business continuity/disaster recovery, network security, application & operations security and compliance/incident management.
Experience in auditing system implementations.
Familiarity with auditing applications in the cloud.
Demonstrated ability to understand complex technologies, business processes, regulations and emerging risks.
Strong understanding of SOX legislation and IT frameworks including COSO and COBIT.
Strong technical and/or IT audit background with practical knowledge of a wide variety of technologies including server infrastructure & operating systems, network & web infrastructures, database architecture, vulnerability assessment and intrusion detection/prevention systems.
Self-starter with the ability to manage and prioritize responsibilities.
Team player with proven skills in influencing people without having direct management authority.
Self-driven performer with established skills in tracking self and project performance, anticipating and recognizing problems and escalating issues appropriately.
Strong ability to interact and communicate both written and verbally with people at all levels, both technical and non-technical, in a dynamic environment where interactions are not always in person.
Strong risk analysis and problem solving skills.
Must be flexible to ensure assessments are performed timely and be able to manage multiple assessments simultaneously.
Industry certification such as CISSP, CISA or CIA required.
Impact You'll Make
Performing detailed examinations of cybersecurity and IT practices and controls throughout the organization using an established assessment process and framework. The essential duties are as follows:
Assist in developing risk based annual audit plans
Coordinate with process owners to initiate, scope, plan, and conduct periodic controls assessments to identify areas of risk by evaluating the design and operating effectiveness of Information Technology General Controls (ITGC) over applications, operating systems, and databases as well as the network infrastructure.
Lead engagements and communicate issues to process owners, ensuring their understanding of associated risks and the actions needed to remediate those risks.
Document the results of audit procedures performed that support the conclusions reached.
Prepare audit reports based on the adequacy and effectiveness of controls evaluated.
Track and monitor open audit issues for remediation by working with process owners.
Communicate with external auditors and support their initiatives effectively from an IT audit standpoint.
Research security trends, threats, and prevention technologies.
Participate in departmental initiatives, administrative matters, and special projects.
This is an essential position requiring physical presence in a TransUnion office or other in-person job responsibilities.
During the COVID-19 pandemic, TransUnion has several safety protocols in place to protect associates, customers, and visitors. You may be required to be fully vaccinated against COVID-19 as a condition of employment and/or to participate in certain work-related activities. Exemption is available to qualified candidates as a reasonable accommodation.