This dynamic individual will perform IT audits, IT risk assessments, IT Control metrics and reporting, to ensure systems compliance with applicable regulatory requirements, as well as WOW IT policies. This position will participate in multiple work-streams, support IT internal audit projects, and external audit integration (including PCI, SOX, SOC 1 and 2, NIST, etc.), build and support data analytics, and other automated techniques, assist with professional development activities, develop positive relationships and become a trusted advisor across the company.
What you'll be doing:
* Responsible for monitoring, and auditing on internal control design, and operating effectiveness, across complex information systems, platforms, and operating procedures.
* Responsible for consistency to established timelines, planning procedures, fieldwork procedures, and reporting procedures.
* Performs IT audit procedures to ensure compliance with corporate mandates including: SOX 404, PCI DSS, NIST, SOC 1 and SOC 2 reporting requirements.
* Assists Sr. IT Auditor in identifying internal control deficiencies by reviewing and monitoring details of technical business processes
* Collects, analyzes, and reports data documenting internal control processes over financial reporting, payment card processing, etc.
* Assists with drafting corporate technology policies and procedures, to support strong internal control alignment across process, technology and people.
* Works with the internal GRC team on interpretation and monitoring of IT controls to ensure accurate scope and scrutiny are applied. Participates in testing and interacts with process owners as
* Supports the upward and downward information flow that is needed for the communication and reporting of critical risks throughout the organization.
* Assisting in building automated audit/data analytic procedures and metrics where feasible.
* Conducts security research to stay on top of the latest security issues, advances, and changes. Utilizes knowledge of the current IT environment, technology trends and advancements, and communicates this information to the GRC team and leadership through written correspondence and verbal presentations to drive down risk and identify efficiencies.
* Strengthens internal control framework, through improved Policies, Procedures, and Training.
What we're looking for: Education:
* Bachelor's Degree in Computer Science, Information Security, Management Information Systems, or related field required
* CPA, CA, CISA, CISSP, CISM, CBCP, CIA or CFE certification preferred
* 1-4 years of dynamic experience in IT Audit and/or Information Security required.
* Prior experience in public accounting preferred.
* Prior HIPAA/SOC2 experience.
* Strong knowledge of IT organization business processes and systems (IT Security, data management, architectural and planning, technology lifecycle management, regulatory concerns).
* Have some experience testing and evaluating effectiveness of IT general controls (change management, logical access, IT operations)
* Preferably knowledge of Payment Card Industry Data Security Standards (PCI DSS), and Sarbanes-Oxley Act of 2002 (SOX) is required.
* Experience in Agile project methodologies is a plus.
* Knowledge of COBIT 5, NIST CSF, and ISO 27000 series frameworks.
* Technical knowledge of operating systems and databases, including AS400, Windows, Unix/Linux, Oracle, SQLServer is a plus.
* Demonstrates and promotes dedication within teams, to live and work by the WOW Core Competencies which include Customer Focus, Accountability, Situational Flexibility, Collaboration, and Effective Communications.
* Proficient with Microsoft Office applications
* Familiar with data analytic and automated audit techniques and agile project management practices and principles
* ServiceNow GRC and SQL knowledge is preferred
WOW is an Equal Opportunity Employer/Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity employer
WideOpenWest (WOW!) is one of the nation’s broadband providers, serving residential, business and wholesale customers.