Senior IT Auditor

Position Description:

This position is eligible for a flexible work schedule, as defined by Bank OZK.

Job Purpose and Scope:

Responsible for the execution and delivery of complex audit assignments to ensure that all business and technology risks are identified, recognized, and appropriately reported in alignment with the departmental audit plan and initiatives.

Essential Job Functions:

  1. Delivers audits of business, Information Technology risk and Information Security processes/practices, and major business/IT projects to ensure compliance with Bank policy, best practices, procedural efficiency and accuracy in accordance with the audit plan.
  2. Assists in performing risk assessments for information technology related areas.
  3. Assists in developing the annual plan for IT audits.
  4. Prepares and presents reports of audit findings for business managers and proposes recommendations for changes, as needed.
  5. Participates consultatively in implementing changes to the extent possible.
  6. Participates in multiple projects and communicates appropriately with identified stakeholders within Internal Audit and business management.
  7. Tracks and follows up on open issues and key business initiatives.
  8. Consults with clients in developing action plans to resolve control issues or risks and contributes to resolution of high risk issues with management.
  9. May assist in leading and mentoring the work of more junior staff.
  10. Regularly exercises discretion and judgment in the performance of essential job functions.
  11. Maintains good punctuality and attendance to work.
  12. Follows Bank policy, procedures and guidelines.
  13. Maintains confidentiality.
  14. Drives an automobile on company business.
  15. Performs any other related duties as required or assigned.

Knowledge, Skills & Abilities:

  1. Knowledge of banking regulatory requirements and standards.
  2. Comprehensive knowledge of IT and Information Security operations, policies, and procedures.
  3. Comprehensive knowledge of generally accepted audit standards and Corporate Internal Audit standards.
  4. Comprehensive knowledge of:
    1. IT general controls (security, change management, disaster backup recovery, data center, infrastructure, etc.);
    2. Systems Development Life Cycle (SDLC) methodology;
    3. Operation system and database platforms (mainframe, client/server, Windows, UNIX, AS400, DB2, etc.);
    4. Networking (TCP/IP);
    5. IT governance processes (IT Policies and Standards, ITIL);
    6. IT Risk Management’s assessments processes (Security, Vendor, and Risk Assessments);
    7. IT application control concepts (application processing controls, system reconciliations, matching, workflows, etc.);
    8. Information Security frameworks (ISO 27001, Information Security Forum Standard of Good Practice and NIST standards); and
    9. COBIT principles, Sarbanes-Oxley.
  5. Ability to perform risk-based audits of Bank departments and functions with investigative rigor.
  6. Ability to communicate effectively both verbally and writing, including presenting, listening and interviewing.
  7. Ability to multi-task various ongoing activities and engagements with a high level of accuracy.
  8. Ability to work with limited supervision in complex IT environments.
  9. Ability to work well with peers and department managers.
  10. Ability to effectively lead and mentor the work of others.
  11. Ability to drive an automobile.
  12. Ability to travel as needed for business purposes.
  13. Skill in using computer and Microsoft Office, including Word and Excel.

Equipment Used in Job Performance/Working Environment:

  1. Computer
  2. Photocopy Machine
  3. Multifunction device
  4. Automobile


Major Job Demands:

  1. Decision-making
  2. Problem-solving

Note: This description is not an exhaustive list of all job functions, duties, skills and job standards required. Other job functions, duties, skills, and standards may be added. Management reserves the right to add or change the job requirements at any time.

Position Requirements:

Basic Qualifications:

  1. Bachelor degree in accounting, information technology or related field, or commensurate work experience, required.
  2. Minimum of four (4) years of work experience in IT audit required.
  3. Prior work experience in public accounting preferred.
  4. Minimum of one (1) year of work experience in technology or security operations preferred.
  5. CISA, CISM or CISSP designation(s) preferred.
  6. Valid driver’s license and good driving record.

Bank OZK is an equal opportunity employer and give consideration for employment to qualified applicants without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, disability status, protected veteran status, or any other characteristic protected by federal, state, and local law. Member FDIC.

Job ID: 12031

More Information

Apply for this job

Leave your thoughts

Share this job