Information Technology Auditor

Job Summary:

The IT Auditor at OnPoint Community Credit Union will play a key role in assessing the design and effectiveness of information technology controls across the credit union’s systems, infrastructure, and applications. This position requires a strong understanding of IT governance, cybersecurity, and regulatory compliance relevant to financial institutions. Reporting to the Chief Audit Officer, the IT Auditor will be responsible for assessing IT risks, testing controls, and recommending improvements to strengthen operational resilience and regulatory compliance.

Key Responsibilities:

• Plan and execute comprehensive audits, in accordance with Global Internal Audit Standards, of the credit union's IT systems, networks, databases, and applications to assess their efficiency, security, and compliance with relevant regulations, industry best practices, and internal policies.
• Identify and evaluate potential risks and vulnerabilities in the IT infrastructure, including cybersecurity threats, data breaches, system failures, and regulatory non-compliance.
• Assess the effectiveness of existing IT controls and safeguards to provide assurance that risks are adequately mitigated and controls align with industry standards and regulatory requirements.
• Review compliance with relevant laws, regulations, and industry guidelines, such as the Gramm-Leach-Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI DSS), Federal Financial Institution Examination Council (FFIEC), and National Credit Union Administration (NCUA) regulations.
• Prepare clear and concise audit reports detailing findings, recommendations, and remediation strategies.
• Communicate audit results to relevant stakeholders, including senior management, IT teams, and regulatory authorities.
• Collaborate with cross-functional teams, including IT, security, compliance, and risk management, to ensure coordinated efforts in addressing IT-related risks and implementing necessary controls.
• Provide guidance and training to staff members on IT controls, security awareness, and compliance requirements to foster a culture of security and risk management within the organization.
• Monitor the implementation of management action plans and perform validation testing to assess the effectiveness of corrective actions.
• Perform other duties as assigned.

Qualifications and Skills:

• Minimum of 3 years auditing information technology systems.
• Bachelor's degree in information systems, computer science, accounting, or a related field. Relevant work experience may substitute the before-mentioned degree.
• Professional certifications such as Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or similar qualifications are preferred.
• Solid understanding of IT audit principles, methodologies, and best practices.
• Knowledge of financial industry regulations, including GLBA, PCI DSS, FFIEC, and NCUA requirements.
• Familiarity with IT governance frameworks, such as COBIT or ITIL.
• Strong analytical and problem-solving skills with attention to detail.
• Excellent written and verbal communication skills, including the ability to convey complex technical concepts to non-technical stakeholders.
• Proficiency in using audit tools, data analysis software, and productivity applications.
• Ability to work independently, manage multiple priorities, and meet deadlines.

Job Details

Job Family

Internal Audit

Job Function

Internal Audit

Pay Type

Salary