Senior IT Auditor

Summary

Join PENN Entertainment’s digital team as a Senior IT Auditor and contribute to the independent assessment and evaluation of IT risks, internal controls, processes, and management practices. You will execute audits of IT infrastructure, processes, applications, operations, security, and emerging technologies. This role involves liaising with external auditors, documenting audit workpapers, assessing control design and effectiveness, identifying areas for improvement, and performing follow-up on recommendations. You will also assist in developing the annual audit plan and provide advisory services on IT risk assessment, controls, and governance. The position offers the opportunity to work on special investigations and initiatives to enhance the audit department’s effectiveness. PENN Entertainment provides a competitive compensation and benefits package, including a fun work environment and professional development opportunities.

Requirements

• Undergraduate degree in Information Technology related field or Accounting
• Certified Information Systems Auditor (CISA)
• 2-4 years of working experience in IT Internal Audit and/or consulting practice with a strong risk-based audit foundation
• The candidate must have strong technical knowledge of IT platforms, operating systems, network services, security, privacy and business applications
• Experience with data analytics or an analytical mindset
• Experience auditing large enterprise IT implementations with knowledge of project methodologies, project controls and ability to effectively work with cross functional project teams
• Knowledge of Audit assurance, governance and control frameworks such as COBIT, NIST and ISO, Service Organization Controls (SOC) Reporting standards (e.g. CSAE 3416, Section 5025, AT 101) sufficient to interpret and apply IT risk and control concepts
• Strong negotiation and mediation skills with the ability to form an opinion on risks, controls and impact to business
• Ability to present complex information clearly and influence the outcome through effective verbal and written communication
• Good interpersonal skills and ability to cultivate strong working relationships in a team environment is a must

Responsibilities

• Execute audits that primarily deal with technology in the areas of IT infrastructure, processes, applications, operations, security and emerging technologies
• Support and facilitate audit requests from regulators, external auditors, and business partners on behalf of internal stakeholders
• Liaison with external auditors regarding IT process documentation, testing procedures, audit requests, and audit findings to achieve audit efficiencies
• Conduct walkthrough with management, document audit workpapers that articulate scope, objectives, procedures and conclusions of the work performed
• Assess and report on control design and effectiveness by testing controls against company policies, external regulations and accounting requirements
• Identify gaps or areas of improvement and evaluate their significance and potential business impact to propose remediation steps that are practical and reasonable
• Perform follow-up and oversee actions taken regarding audit recommendations with management to strengthen current control environment
• Assist in providing input and recommendations to audit management in developing a risk-based annual audit plan
• Assist in providing advisory services to business management on issues related to IT risk assessment, controls and governance
• Participate in special investigations related to Information Technology and system configurations, as required
• Work on initiatives to increase the effectiveness, value and reputation of the audit department
• Other duties as assigned

Preferred Qualifications

• The preferred candidate may also have one or more of the following designations: CPA, CIA, CISSP, or CISM
• Big 4 public accounting firms or equivalent experience preferred

Benefits

• Competitive compensation package
• Comprehensive Benefits package
• Fun, relaxed work environment
• Education and conference reimbursement
• Paid time off is earned according to the local policy and increases with the length of employment
• Specific benefits—such as day-one medical coverage, 401(k) matching, annual performance bonus and equity package — depending on position