Senior IT Internal Auditor

Audit Los Angeles, California


Position at J2 Cloud Services

Internal Audit IT Senior – Security focus

We are seeking a Senior IT Internal Auditor to join our growing internal audit team in Downtown Los Angeles, California.  This individual will report to the Director of Internal Audit Cloud Services and will primarily focus on testing of the effectiveness of Internal Controls over Financial Reporting (“ICFR”) through the execution of the Sarbanes Oxley process. This position requires extensive experience in testing IT Security controls and IT General controls.  

Key Responsibilities: 

  • Assist the Director of Internal Audit with executing all phases of the Sarbanes Oxley process for ICFR, including planning, control testing and deficiency reporting.
  • Audit business units and perform IT audit activities to evaluate potential gaps in compliance with internal controls over IT Security, IT Applications, Change controls, Engineering and IT Operations.
  • Perform Security audits of business units to support GDPR audits including firewalls, NIPS and HIPS, configuration management, system access and secure data transmission.
  • Perform IT audits for Oracle Fusion, in house developed complex billing platforms and third party enterprise platforms such as Salesforce and ADP.
  • Perform audit of databases (MySQL SQL, Oracle), data warehouses, Windows operating systems, LINUX, and AWS environments.
  • Produce detailed audit work papers that are re-performable by third parties (e.g., public accounting firms, compliance organizations).
  • Draft audit findings and recommended action plans for review with management that are clear, concise and measurable.
  • Provide value-add recommendations to management to improve the control environment, increase operational effectiveness, or improve quality of products and services provided by the Company.
  • Work with business process owners to complete key controls testing in timely manner for both SOX annual audits and GDPR rotational audit work.
  • Coordinate and follow-up with business process owners to track, assess and evaluate action plans and implementation efforts for control deficiencies to ensure deficiencies are timely and satisfactorily remediated.
  • Independently manage multiple projects simultaneously.
  • Maintain effective communication with management and cross-functional communication with process owners and control performers.
  • Timely notifies and consults with management on potential or actual control gaps identified in either the design adequacy or operating effectiveness of key controls.
  • Support the external auditors during audit field work.
  • Partner with business leaders to develop and improve policies and procedures and improve efficiency of business processes.
  • Act as an ongoing resource to all employees for assistance with real time business questions and compliance matters.


Required Skills and Experience:

  • Bachelor’s degree in Business, Accounting, Information Technology or related field is required.
  • CIA, CISA, or similar certification is required.
  • Additional Security certification (CISSP, CISM, CCSP, GSEC, CCNA, CCNP, or similar) is required.
  • Minimum of five years of public accounting, technology services and/or private industry experience with internal control audits, including executing SOX assessments.
  • Minimum of five years of experience in conducting internal audit projects and reporting on the evaluation of business processes/areas/functions.
  • Demonstrated experience understanding relevant regulations (GAAP, SOX, GDPR, etc.).
  • Strong organizational and project management skills; ability to perform multiple projects/tasks simultaneously.
  • Excellent analytical skills with ability to define problems, collect data, establish facts, draw conclusions and solve problems.
  • Ability to draft clear and concise internal audit reports, summarize audit findings and align comprehensive management action plans with the process owner.
  • Demonstrated experience in preparing neat, concise, appropriately referenced work papers to document test procedures performed and conclusion drawn.
  • Strong grasp of IT general controls (logical security, user access, system development, program change management, physical security, back-ups and computer operations, etc.) and the related risks they mitigate.
  • Analytical thinker with a proven ability to work independently
  • Strong verbal and written communication skills.
  • Proficiency in MS Office (i.e., Word, Excel, PowerPoint).


Additional Skills Considered a Plus:


  • Big 4 accounting firm experience.
  • Experience conducting company-wide risk assessments (e.g., Fraud Risk, Enterprise Risk Management) and engagement level risk assessments.
  • Experience providing value-add recommendations to management to improve the control environment, increase operational effectiveness, or improve quality of products and services provided by the Company.
  • Experience coordinating with business process owners to complete key controls testing in accordance with annual SOX Audit Plan in a timely manner.
  • Demonstrated experience in working with business process owners to assess and evaluate action plans for control deficiencies to ensure deficiencies are satisfactorily remediated.
  • Experience evaluating controls for implementation and effectiveness as new systems are developed and/or key business process changes.
  • Performance of annual walk-throughs of key business processes with business owners and external auditors to assess adequacy of control design and effectiveness.
  • Update/validate/maintain SOX narratives documentation and work papers including risk and control matrices (RCMs), test of controls, spreadsheets and electronic audit evidence.