Northeastern University
Assistant Director - IT Audit
About the Opportunity
JOB SUMMARY
Reporting to the Director of Audit & Advisory Services, the
Assistant Director - IT Audit
is responsible for assessing, evaluating and making recommendations to management regarding the effectiveness of information technology (IT) risk management, governance, and internal controls inherent in the processes and activities of the University.
The Assistant Director will serve as a subject matter expert in evaluating IT risk, governance, and controls. The role leads the IT audit program to evaluate system and process controls to ensure the confidentiality, integrity, and availability of the university's information assets and data. The Assistant Director will examine the University's IT infrastructure, systems, processes and technology-dependent operations to meet the program's objectives.
The Assistant Director will lead high-impact audit projects and advisory engagements, delivering strategic insights to University leadership. The role requires strong leadership, project management, communication skills, and significant exposure to Senior Management. The successful candidate will collaborate across IT and Operational audit areas and generate value-added recommendations that enhance the University's operations. The role includes participating in IT risk assessments, identifying emerging IT risks, familiarity with complex systems and IT transformation projects, and maintaining the IT audit universe to inform the annual enterprise risk-based IT Audit Plan.
The Assistant Director is expected to:
Perform and oversee professional audit work, individually and as a team leader, in conducting reviews of assigned organizational activities in accordance with both IIA and departmental standards.
Plan and execute IT audit projects designed to provide an assessment of internal control processes and operational performance.
Prepare detailed plans for performing individual audits including the identification of key IT risks and controls, determination of audit objectives, and development of an appropriate audit program. Use knowledge of the current environment and industry trends to identify potential issues and risks.
Under minimal supervision, develop clear, concise, accurate, and complete audit work papers to support findings and recommendations, and write clear and concise reports for management.
Conduct or assist in the performance of special projects or studies, including risk assessments, fraud investigations, audit department policy updates, and due diligence reviews.
Participate in University-wide initiatives, bringing a risk and controls perspective to institutional planning, transformation, and technology strategy.
Oversee engagements with external auditors, as needed, ensuring quality, consistency, and timeliness in deliverables.
Assist the Director with resource planning and organizational strategy to meet department and University needs.
MINIMUM QUALIFICATIONS
Knowledge and skills required for this position are normally acquired through a bachelor's degree in Management Information Systems, Information Security/Assurance, Computer Science, or a related discipline plus at least five years in IT Auditing, IT Risk and Compliance, and/or Information Security. Master's degree is a plus.
Proficiency with data analytics using Excel, Tableau, Cognos, or PowerBI is preferred.
Proficient with Microsoft Office applications including Word, Excel, Power Point, and Visio.
Project management skills with demonstrated experience in meeting project timelines and deliverables and the ability to handle multiple project assignments simultaneously.
Excellent written and verbal communication skills, effective report writing, and comfort presenting complex findings to both technical and non-technical audiences.
Strong analytical and problem-solving skills.
Proven ability to build relationships and influence across diverse group of stakeholders.
Understanding of the Institute of Internal Auditor's International Professional Practices Framework, COSO Framework, and/or other professional internal control guidance.
Working knowledge of security and technology frameworks (e.g., NIST, COBIT).
Certification as CISA, CITP, CISSP, CISM preferred, or working towards same.
Demonstrated experience leading complex IT audits and advisory engagements in complex, decentralized, and matrixed organizations.
High degree of professionalism, integrity, and accountability.
Experience managing and mentoring audit teams.
KEY RESPONSIBILITIES & ACCOUNTABILITIES
IT Audits: As a team lead or individually, perform IT audits to provide an assessment of systems, processes and strategies for adherence with internal controls, and to determine that adequate policies and procedures exist to support operations.
IT Audits: As a team lead or individually, identify audit objectives and scope for each review, develop audit programs, perform interviews and testwork, develop clear and concise audit work papers to support findings and recommendations, and write clear and concise reports to management.
IT Audits: As a team lead or individually, manage and perform audits including, but not limited to, General IT Controls, Data Security & Privacy, IT Compliance, IT Risk Assessments, IT Governance, and IT Operational Assessments.
IT Audits: As a team lead or individually, conduct integrated audits which evaluate IT, operational, and financial controls. Work collaboratively with fellow members of the Audit & Advisory Services team.
IT Audits: Perform pre-implementation reviews for new or modified application systems to assess application, data integrity and security controls. Demonstrate and apply a thorough understanding of complex information systems.
IT Audits: Participate in ongoing IT risk assessment, identifying emerging IT risk, maintaining the IT audit universe. Continuously assess the evolving IT risk landscape and keep current the IT audit universe and risk assessment model to inform IT audit priorities and resource allocation.
IT Audits: Audit work performed must adhere to the Institute of Internal Audit's (IIA) Standards for the Professional Practice of Internal Auditing. Through the course of performing audits, identify process improvement opportunities, as needed, and work with Audit & Advisory Services management on ongoing quality assurance efforts.
IT Audits: Develop and maintain relationships with Information Technology Services management.
Advisory and Special Projects: Lead or individually contribute to advisory projects, including pre-implementation system reviews, strategic technology initiatives, data governance programs, and resiliency/risk-response planning.
Advisory and Special Projects: Participate and contribute to University-wide initiatives.
Advisory and Special Projects: Perform advisory engagements, special reviews and confidential internal investigations, as assigned.
Supervisory, Professional Development and Lifelong Learning: Seek ways to continuously develop professionally through attendance at seminars, in-house training sessions, professional exams/certification, and self-study.
Supervisory, Professional Development and Lifelong Learning: Carry forward information gathered into executing the audit plan.
Supervisory, Professional Development and Lifelong Learning: Foster a culture of continuous improvement and learning within the department.
Supervisory, Professional Development and Lifelong Learning: Supervise and evaluate the work of staff on projects. Provide opportunities to cross-train staff on audit activities and methodologies.
Supervisory, Professional Development and Lifelong Learning: Assist the Director with assessing staff resources to ensure delivery of timely and high-quality audit projects, advisory support, and investigations.
Position Type Legal and Regulatory Administration
Additional Information Northeastern University considers factors such as candidate work experience, education and skills when extending an offer. Northeastern has a comprehensive benefits package for benefit eligible employees including medical, vision, dental, paid time off, tuition assistance, wellness & life, retirement, and commuting & transportation.
All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.
Compensation Compensation Grade/Pay Type:
111S
Expected Hiring Range:
$86,490.00 - $122,163.75
With the pay range shown above, the starting salary will depend on several factors, including education, experience, location, knowledge and expertise, and skills as well as a pay comparison to similarly-situated employees. Salary ranges are reviewed regularly and are subject to change.
To apply To apply, visit Northeastern’s career page. This description excludes non-applicable content and boilerplate language, and intentionally omits external links for formatting compliance.
Copyright 2025 Jobelephant.com. All rights reserved. Posted by the FREE value-added recruitment advertising agency.
#J-18808-Ljbffr
Reporting to the Director of Audit & Advisory Services, the
Assistant Director - IT Audit
is responsible for assessing, evaluating and making recommendations to management regarding the effectiveness of information technology (IT) risk management, governance, and internal controls inherent in the processes and activities of the University.
The Assistant Director will serve as a subject matter expert in evaluating IT risk, governance, and controls. The role leads the IT audit program to evaluate system and process controls to ensure the confidentiality, integrity, and availability of the university's information assets and data. The Assistant Director will examine the University's IT infrastructure, systems, processes and technology-dependent operations to meet the program's objectives.
The Assistant Director will lead high-impact audit projects and advisory engagements, delivering strategic insights to University leadership. The role requires strong leadership, project management, communication skills, and significant exposure to Senior Management. The successful candidate will collaborate across IT and Operational audit areas and generate value-added recommendations that enhance the University's operations. The role includes participating in IT risk assessments, identifying emerging IT risks, familiarity with complex systems and IT transformation projects, and maintaining the IT audit universe to inform the annual enterprise risk-based IT Audit Plan.
The Assistant Director is expected to:
Perform and oversee professional audit work, individually and as a team leader, in conducting reviews of assigned organizational activities in accordance with both IIA and departmental standards.
Plan and execute IT audit projects designed to provide an assessment of internal control processes and operational performance.
Prepare detailed plans for performing individual audits including the identification of key IT risks and controls, determination of audit objectives, and development of an appropriate audit program. Use knowledge of the current environment and industry trends to identify potential issues and risks.
Under minimal supervision, develop clear, concise, accurate, and complete audit work papers to support findings and recommendations, and write clear and concise reports for management.
Conduct or assist in the performance of special projects or studies, including risk assessments, fraud investigations, audit department policy updates, and due diligence reviews.
Participate in University-wide initiatives, bringing a risk and controls perspective to institutional planning, transformation, and technology strategy.
Oversee engagements with external auditors, as needed, ensuring quality, consistency, and timeliness in deliverables.
Assist the Director with resource planning and organizational strategy to meet department and University needs.
MINIMUM QUALIFICATIONS
Knowledge and skills required for this position are normally acquired through a bachelor's degree in Management Information Systems, Information Security/Assurance, Computer Science, or a related discipline plus at least five years in IT Auditing, IT Risk and Compliance, and/or Information Security. Master's degree is a plus.
Proficiency with data analytics using Excel, Tableau, Cognos, or PowerBI is preferred.
Proficient with Microsoft Office applications including Word, Excel, Power Point, and Visio.
Project management skills with demonstrated experience in meeting project timelines and deliverables and the ability to handle multiple project assignments simultaneously.
Excellent written and verbal communication skills, effective report writing, and comfort presenting complex findings to both technical and non-technical audiences.
Strong analytical and problem-solving skills.
Proven ability to build relationships and influence across diverse group of stakeholders.
Understanding of the Institute of Internal Auditor's International Professional Practices Framework, COSO Framework, and/or other professional internal control guidance.
Working knowledge of security and technology frameworks (e.g., NIST, COBIT).
Certification as CISA, CITP, CISSP, CISM preferred, or working towards same.
Demonstrated experience leading complex IT audits and advisory engagements in complex, decentralized, and matrixed organizations.
High degree of professionalism, integrity, and accountability.
Experience managing and mentoring audit teams.
KEY RESPONSIBILITIES & ACCOUNTABILITIES
IT Audits: As a team lead or individually, perform IT audits to provide an assessment of systems, processes and strategies for adherence with internal controls, and to determine that adequate policies and procedures exist to support operations.
IT Audits: As a team lead or individually, identify audit objectives and scope for each review, develop audit programs, perform interviews and testwork, develop clear and concise audit work papers to support findings and recommendations, and write clear and concise reports to management.
IT Audits: As a team lead or individually, manage and perform audits including, but not limited to, General IT Controls, Data Security & Privacy, IT Compliance, IT Risk Assessments, IT Governance, and IT Operational Assessments.
IT Audits: As a team lead or individually, conduct integrated audits which evaluate IT, operational, and financial controls. Work collaboratively with fellow members of the Audit & Advisory Services team.
IT Audits: Perform pre-implementation reviews for new or modified application systems to assess application, data integrity and security controls. Demonstrate and apply a thorough understanding of complex information systems.
IT Audits: Participate in ongoing IT risk assessment, identifying emerging IT risk, maintaining the IT audit universe. Continuously assess the evolving IT risk landscape and keep current the IT audit universe and risk assessment model to inform IT audit priorities and resource allocation.
IT Audits: Audit work performed must adhere to the Institute of Internal Audit's (IIA) Standards for the Professional Practice of Internal Auditing. Through the course of performing audits, identify process improvement opportunities, as needed, and work with Audit & Advisory Services management on ongoing quality assurance efforts.
IT Audits: Develop and maintain relationships with Information Technology Services management.
Advisory and Special Projects: Lead or individually contribute to advisory projects, including pre-implementation system reviews, strategic technology initiatives, data governance programs, and resiliency/risk-response planning.
Advisory and Special Projects: Participate and contribute to University-wide initiatives.
Advisory and Special Projects: Perform advisory engagements, special reviews and confidential internal investigations, as assigned.
Supervisory, Professional Development and Lifelong Learning: Seek ways to continuously develop professionally through attendance at seminars, in-house training sessions, professional exams/certification, and self-study.
Supervisory, Professional Development and Lifelong Learning: Carry forward information gathered into executing the audit plan.
Supervisory, Professional Development and Lifelong Learning: Foster a culture of continuous improvement and learning within the department.
Supervisory, Professional Development and Lifelong Learning: Supervise and evaluate the work of staff on projects. Provide opportunities to cross-train staff on audit activities and methodologies.
Supervisory, Professional Development and Lifelong Learning: Assist the Director with assessing staff resources to ensure delivery of timely and high-quality audit projects, advisory support, and investigations.
Position Type Legal and Regulatory Administration
Additional Information Northeastern University considers factors such as candidate work experience, education and skills when extending an offer. Northeastern has a comprehensive benefits package for benefit eligible employees including medical, vision, dental, paid time off, tuition assistance, wellness & life, retirement, and commuting & transportation.
All qualified applicants are encouraged to apply and will receive consideration for employment without regard to race, religion, color, national origin, age, sex, sexual orientation, disability status, or any other characteristic protected by applicable law.
Compensation Compensation Grade/Pay Type:
111S
Expected Hiring Range:
$86,490.00 - $122,163.75
With the pay range shown above, the starting salary will depend on several factors, including education, experience, location, knowledge and expertise, and skills as well as a pay comparison to similarly-situated employees. Salary ranges are reviewed regularly and are subject to change.
To apply To apply, visit Northeastern’s career page. This description excludes non-applicable content and boilerplate language, and intentionally omits external links for formatting compliance.
Copyright 2025 Jobelephant.com. All rights reserved. Posted by the FREE value-added recruitment advertising agency.
#J-18808-Ljbffr