IT Security Auditor
Shirley, NY 
Posted 4 days ago
Job Description

Nature and Scope

Responsible for providing subject matter expertise and guidance regarding Risk Assessment, Business Impact Analysis, and BCP/DR; assisting in the development of new IT policies and procedures where applicable; assisting in the maintenance of existing policies and procedures; managing audit engagements with both internal and external/third-party audit teams; and collaborating with colleagues within the ARI IT department to determine the current state of infrastructure compliance and remediate observations and weaknesses regarding systems and documentation. Working as an IT auditor requires a diverse skill set. Aside from having a deep understanding of all aspects related to IT systems, applications, and infrastructure, it's important to have a working knowledge of IT security and infrastructure and the ability to properly assess risks and determine which are the most pressing versus those that can be addressed later.

Essential Duties and Responsibilities

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.

Security Management:

  • Collaborate with ARI IT and other department personnel to partner, revise, and maintain documentation, which may include policies, procedures, plans, and work instructions that support continuous improvement and the maturity of ARI's Cybersecurity programs.
  • Drive improvements within the organization by discovering areas where current controls and/or operational practices can be improved upon, as well as bringing management's attention to risks and ensuring that the right actions are taken promptly to eliminate them.
  • Inspect company's IT policies and procedures; perform evaluation of control design; and carry out assessment of the effectiveness of company internal controls concerning IT processes and systems to help ensure company's IT compliance programs are always achieved.
  • Collaborate with IT staff to resolve network security issues.
  • Ensure there is separation between admin and user roles in all systems.

Risk Management/Business Impact Analysis:

  • Assist in the development of a documented and approved IT and Cybersecurity strategy mapping objectives to the overall Enterprise goals.
  • Assist in the development of an approved Business Impact Analysis that will support the Business Continuity Plan.
  • Assist in the development of a Cybersecurity program following NIST-CSF guidelines where applicable to our environment.
  • Assist in the development of an IT Risk Management process following NIST-CSF guidelines where applicable to our environment.

Audit Engagements:

  • Manage both internal and external audit engagements.
  • Review JSOX ITGC requirements.
  • Collaborate with IT personnel to gather requested/required evidence.
  • Respond to JSOX audit inquiries.
  • Identify weaknesses in the systems and create action plans to prevent security breaches.
  • Plan internal audit procedures.
  • Create internal audit reports.
  • Collaborate and create a solid IT infrastructure.
  • Devise and implement network security policies and procedures.
  • Manage, support, and administer I.T. JSOX monitoring and reporting tools.
  • Periodically review current policies and procedures. Identify gaps and weaknesses based on NIST-CSF and JSOX standards.
  • Improve the efficiency and effectiveness of the business and the IT audit function by leading best practices for standards and procedures.
  • Assess new systems and determine whether they comply with relevant standards and regulatory requirements.
  • Assess data integrity, security, development, and IT governance.
  • Continuously inspect and assess the company's information systems to develop and implement audit test plans.
  • Identify best practices that can be leveraged to complete audit requirements quickly and efficiently.
  • Ensure that all preexisting audit requests are addressed and resolved in a timely manner.
  • Perform any other tasks/duties as assigned by management.

General Responsibilities:

  • Adhere to all policies in performing day to day activities.
  • Periodically train on policies per schedule provided by the QA department and in compliance with JSOX.

Education Requirements and Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required.

  • Bachelor's Degree in Information Technology, Computer Science or related field, or 10+ years of related experience.
  • Minimum of 5 years of experience as an IT Auditor or in a similar role, and adept at troubleshooting systems.
  • CompTIA CySA+, CISA Certification, CISSP, CISM, MCSE, preferred.
  • Experience troubleshooting systems.
  • Excellent written and oral communication skills.
  • Familiar with a range of software and hardware.
  • Strong oral and written communication skills.

Good people skills are required as this position will consistently interact with internal/external customers and vendors on a daily basis. Excellent communication and technical skills are necessary to implement, manage and support all current and future network infrastructures, as well as internal procedure and policy creation/modifications.

  • Knowledge of IT risk assessments, internal control principles, and audit standards/methods.
  • Business flow analysis and process evaluation skills.
  • Ability to identify and summarize findings/gaps, assess root cause, and recommend solutions.
  • Ability to balance/manage workload under tight deadlines and work on multiple projects simultaneously.
  • Ability to problem solve and exercise critical thinking.
  • Travel to company sites in Melville NY, Columbus OH, Brea CA, and Altkirch France when required up to 5%.

Expected salary range:

$117,000 - $130,000

The salary range displayed is the minimum and maximum salary range for the role that the employer in good faith believes to be accurate at the time of the posting of an advertisement for the role. Actual compensation for the role will be based on a number of different factors including but not limited to the candidate's qualifications, education, knowledge, skills and experience.

American Regent also offers a competitive total rewards package which includes healthcare, life insurance, profit sharing, paid time off, matching 401k as well as a wide range of other benefits.

American Regent celebrates diversity and we are committed to creating an inclusive environment for all employees. We are an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, or protected veteran status.

American Regent Inc. endeavors to make accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please email .


We are an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

 

Job Summary

  • Start Date: As soon as possible
  • Employment Term and Type: Regular, Full Time
  • Required Education: Bachelor's Degree
  • Required Experience: 10+ years