Title: Senior IT Auditor
Location: Nashville, TN (Hybrid)

Our role is to protect and enhance organizational value and support Asurion in meeting its goals and objectives through conducting assurance, compliance, and consulting projects around the globe. We serve 300 million customers globally across 100’s of business partners. We are looking for somebody with who can bring technical expertise for information systems and controls to help us identify and enhance our technology risk profile. The ideal candidate for this position is someone with an established knowledge of the technical aspects of ICFR, who is looking for an opportunity to develop their leadership and relationship building skills and serve as an advisor to management to drive internal control solutions.  

Key Accountabilities

Acquire and maintain knowledge of Asurion’s current and future product offerings and related technologyUtilize an understanding of new and emerging technology risks to contribute to the audit plan and Asurion’s enterprise risk programsLead the planning and execution of technology focused internal audit projectsSupport and contribute to the development and maturity of the ICFR ITGC program by assessing the design and operating effectiveness of IT controls and maintaining an inventory of systems supporting financial reporting.Coordinate with internal process and controls owners to ensure they are informed on the status and timing of planned IT risk assessments, testing, and remediation effortsCoordinate with external auditors to ensure they achieve their IT-related audit objectives with minimal impact on process and control ownersServe as an IT risk consultant, guiding relevant stakeholders through risk assessments, control validation, and remediation efforts in new and changing business processes and their technology environmentsIdentify risk and control gaps, assess control design and operation, and collaborate with business and technology leaders to establish any required remediation plansHelp determine the team’s resourcing requirements, including third-party contractors, and supervise/coordinate with these groupsWork on ad-hoc internal audit projects and impactful management requests

Qualifications

Education & Experience:

Bachelor’s degree in Information Systems, Computer Science, IT Security, Accounting, or related field; other degrees considered in conjunction with experience and certification3+ years of IT audit, IT security, IT compliance, IT governance or other relevant experienceISACA, ISC2, IIA, or AICPA issued certification or comparable preferred

Critical Competencies / Critical Success Factors

Strong technical understanding of IT systems, cloud platforms, and network infrastructure.Strong understanding of IT governance frameworks such as COBIT, NIST, and ISO 27001 to assess IT risk management and control processes.Proficient in assessing cybersecurity controls, including network security configurations, firewalls, and intrusion detection/prevention systems.Proficient in evaluating IT General Controls (ITGC), including access management, change management, and IT operations.Experience working with Sarbanes-Oxley, COSO, SSAE 18 complianceAbility to communicate risks, controls, and remediation plans persuasively to process and control ownersExperience with AuditBoard or other controls management tools beneficialAbility to deal with ambiguity and adapt to changing prioritiesAbility to quickly understand the fundamentals of complex processesAbility to effectively manage and progress multiple workstreamsPassionate about problem-solving and delivering excellent service to our internal and external clientsOpen to domestic and international travel up to 10% of your time (if required)