CareFirst BlueCross BlueShield

Sr. IT Auditor

It Analyst in Washington, DC

Posted 2019-12-06

Resp & Qualifications

Under the direction of the Manager of Audit & Advisory Services, the incumbent's accountabilities include, but are not limited to, the following:

1. Direct and conduct information systems audits utilizing computer assisted audit techniques. Analyze and evaluate IT operations and strategies to identify opportunities for improvement in processes and outcomes and provide technical audit advice relating to systems/operations; systems development, design and controls; systems security; change/project management; business process improvement; complex integrated systems and related computer applications; disaster recovery; and IBM mainframe, Unix and Windows NT environments. Interact with business area personnel regularly, including both the entrance and exit interviews, in order to gather information, interpret results, communicate potential risks/issues and develop appropriate corrective actions including strengthening controls, improving efficiency and effectiveness of operations and controlling costs.

2. Monitor the progress and management of corporate IT initiatives or projects, as assigned. Advise and consult on risk management and controls for new systems and/or processes associated with the assigned corporate projects, following a system development life cycle methodology, as appropriate. Work collaboratively with the project team to identify project and post-implementation risk/issues and develop recommendations for corrective actions. Follow-up with project management to resolve identified problems, including internal control testing, coding and unit testing, system and acceptance testing, conversion testing, implementation testing, post-implementation review, as appropriate. Write memoranda and status reports to management communicating the risks and recommended corrective action plans identified in these monitoring and advisory activities.

3. Through audit and advisory assignments, identify and maintain a repository of best practices and benchmarking information related to CareFirst’s IT business operations. Maintain a repository of IT audit issues and relative corrective action plan and update management on outstanding issues and potential risks on a scheduled basis.

4. Participate in the performance of risk assessment of the business process and project level. Maintain a database repository of business processes and related risk documentation.

5. Perform special reviews and audits or advisory services as requested by management. Respond effectively and timely. Write reports or memoranda to management communicating the results of the work performed, establish action plans, and perform follow-up to validate completion of action plans. Support department strategic initiatives and other special assignments aimed at continuous quality improvement.

6. Perform control self-assessment, process improvement reviews, and problem resolution facilitation for management of business areas, as assigned by the Audit Manager. Promote these services within the organization.

7. Assist in the coordination/management of all external audits of IT information systems as operations as assigned.

Required: This position requires a BS/BA degree in Business Administration, Management Sciences, Information Systems, Finance and/or Accounting, and 3-5 or more years of progressively responsible auditing and/or systems analyst/programmer and/or consulting and business advisory services experience with a project management background. Incumbent must have demonstrated experience and knowledge, in business process improvement, risk assessment and mitigation, internal control assessment and information systems development life cycle methodologies.

Skills/Abilities: Incumbent must fully understand auditing techniques, concepts and principles, and how they are applied to individual audits or a strong Project management background. Must be knowledgeable of internal controls, and system development life cycle (SDLC) methodologies, complex integrated computer systems, applications and environments. Must be proficient with PC applications and have experience in and knowledge of IT audit related issues concerning operating systems (UNIX, Windows NT and Novell), computer networking, firewalls, penetration tests, access control software (RACF, Control-SA and Ringneck) and database management systems (Sybase, Oracle and SQL Server). Experience with Audit Command Language (ACL) performed.

Incumbent much have excellent project management skills including workflow balancing, activity scheduling, problem solving facilitation, the ability to prioritize and manage multiple complex tasks and demonstrated experience in meeting deadlines. Must be highly motivated, organized, committed to professional development, with demonstrated progression and achievement. Ability to work independently with minimal supervision is required. Must be able to work effectively in a team-oriented atmosphere. Incumbent must have highly developed oral and written communication skills to effectively communicate complex auditing information and business risks to a non-technical audience. Also must have effective public speaking skills and be able to prepare and deliver presentations. Additional qualities are good analytical skills and judgment and strong decision-making ability.

Preferred: Possess certification as a CPA, CIA, or CISA; advanced degree; healthcare insurance industry experience. At least 4 years of experience in IT Audit.

Ready to be seen?

Apply now to have the opportunity to be considered for similar jobs at leading companies in the Seen network for FREE.

Be seen in a new It Analyst job

Skip the search

Zero stress and one profile that can connect you directly to 1000s of companies.

Best-fit jobs—for you

We’ll take it from there. After you tell us what you’re looking for, we’ll show you off to matches.

Free Career Coaching

Boost your interview skills, map your tech career and seal the deal with 1:1 career coaching.

You get tech. We get you.

Join now and be seen.