At Exelon, we've got a place for you Join the nation's leading competitive energy provider, with one of the largest electricity generation portfolios and retail customer bases in the country. You will be part of a family of companies that strives for the highest standards of power generation, competitive energy sales, and energy delivery. Our team of outstanding professionals is focused on performance, thought leadership, innovation, and the power of ideas that come from a diverse and inclusive workforce. Exelon will provide you the tools and resources you need to design, build and enhance a successful career. We are also dedicated to motivating the success of our employees through competitive base salary, incentives, and health and retirement benefits. Join Exelon and share your passion at a forward-thinking Fortune 150 company. Establish yourself in a place where you can truly shine and create a brighter, more sustainable tomorrow.
Join our Exelon Business Services Company (BSC) to be part of a diverse and inclusive team that provides best-in-class professional services and adds exceptional value to Exelon's family of companies. We provide financial, human resource, legal, information technology, supply management, communications, and corporate governance services.
Energize your career at Exelon!
PRIMARY PURPOSE OF POSITION
Under the guidance and oversight of the Manager or Senior Manager, the Senior IT Auditor is a subject matter resource on IT risk areas, including cyber security, IT service delivery, infrastructure, architecture and cloud technology. The Senior IT Auditor leads assurance and compliance engagements, using the integrated DARE Engagement Framework to provide risk-informed insights and value-oriented recommendations to enhance the efficiency and effectiveness of processes and the control environment. Audit engagements include assurance and compliance work involving information technology (IT), security, system implementations and process transformations.
PRIMARY DUTIES AND ACCOUNTABILITIES
* Lead the planning and execution of audit engagements in accordance with the DARE Framework (i.e. Define, Assess, Report and Enable).
* Define - Gain an understanding of the area under review to define specific engagement objective and scope utilizing various resources to identify relevant risks; e.g. background research, data analysis, client discussions, alignment with ERM/Compliance.
* Assess - Execute engagement plans to provide assurance, offer insights and recommend improvement opportunities. Complete required procedures (e.g. interviews, examine documentation, data analysis, targeted testing, and others).
* Report - Communicate results of engagements in a clear, concise manner while providing value-added insights, visualizations, and lessons learned to further improve the overall strength of the control environment and to help management meet stated objectives.
* Enable - Support business efforts to mitigate risks or address improvement opportunities as needed.
* Contribute to department initiatives to elevate EAS team capabilities in Cyber security and IT risks. This includes development of risk considerations in cyber security, IT service delivery, IT infrastructure, architecture and cloud technologies.
* Manage, monitor, and report on engagement progress (e.g. task completion, potential issues, items requiring escalation).
* Supervise audit staff by providing guidance on audit procedures, reviewing work papers, providing timely feedback for continuous improvement and learning.
* Validate completion of remediation actions from engagement reports (e.g. Test of design/operating effectiveness)
* Identify continuous improvement opportunities in all aspects of the role (e.g. increase use of data analytics, automated testing, administrative tasks).
LEVEL OF EDUCATION/CERTIFICATION/YEARS EXPERIENCE
* Undergraduate degree in Computer Science, Accounting, Engineering, Business or equivalent degree
* Five to eight years experience in an IT or Security Audit/Advisory position or related field
* Analytical Capability - Applies critical thinking and intellectual curiosity to solve complex problems by leveraging various tools and techniques
* Risk and Controls - Demonstrates ability to identify, assess and mitigate risk to strengthen the control environment
* Project Management - Ability to prioritize multiple activities /requirements and clearly report status
* Advanced knowledge of operating systems (e.g. UNIX, Windows), databases (e.g. SQL Server, Oracle) and computing environments (e.g. mainframe, client/server, cloud-computing)
* Strong understanding of business continuity and IT security concepts
* Proficient with Office365 (Word, Excel, Visio, Planner, Teams)
LEVEL OF EDUCATION/CERTIFICATION/ YEARS OF EXPERIENCE
* Advanced/Graduate degree
* Professional accreditation, e.g. CIA, CPA, CISA, CISSP, PMP
* Min, 3 years experience with IT audit and cybersecurity frameworks and requirements (e.g. CoBIT, NIST)
* Experience with audit/data analytics tools (e.g. TeamMate, SOXHub, Microsoft PowerBI)
* Energy Industry Experience
Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law.
VEVRAA Federal Contractor
EEO is the Law Poster