Employment Opportunities

Internal Auditor IT (or Senior)-FIN000104 - Con-way

IT Security and Compliance Analyst - Tripwire

IT Auditor or SR IT Auditor - Regence

Staff Auditor - Oregon University System

Internal Auditor IT (or Senior)-FIN000104

See external Careers website below to apply:

use 'Internal Auditor IT' in 'Keyword' search.

Internal Auditor IT (or Senior)-FIN000104

http://www.con-way.com/en/careers/search_other_careers

Summary:

Perform internal audits and special projects by providing independent, objective assurance, education and consulting services for the company's information systems and technology infrastructure to promote an effective control environment. Evaluate Con-way's internal controls and provide recommendations to improve risk management, control, and governance processes to assist the Company in accomplishing objectives for business efficiency, cost reduction, and protection of shareholder interests. Collaborate with IT audit team to identify and assess the risk areas to be reviewed. Routinely monitor IT for compliance with government regulatory requirements. Conduct data analysis/data mining in support of risk assessments and internal audit projects.

Depending on skills and experience, position may be filled at a higher level.

Essential Functions:

Analyze and evaluate the effectiveness of internal controls, identify risks, assess their significance, recognize fraud, and formulate reasonable and logical conclusions. Scope of audit work includes IT infrastructure, all phases of the system development life cycle, and purchased software.
Document audit work in accordance with company and Institute of Internal Auditors standards to support audit findings and recommendations.
Communicate audit findings and recommendations, both written and oral, to promote constructive change
Assist in IT risk assessments by evaluation and assessing IT development, maintenance activities, emerging technologies and regulations relating to IT security, corporate governance, and information privacy. Help identify potential audit areas based on these assessments and participate in planning to develop the audit scope, objectives and audit program.
Assist in monitoring to ensure compliance with external regulations such as Sarbanes-Oxley.

Additional Functions:

Data analysis: gather and evaluate data from various sources using analytical and logical reasoning, examine each component of the data to form a conclusion; document and present the results
Data mining: Identify meaningful patterns, trends and relationships in large amounts of data to form a conclusion; document and present the results
Database query and reporting: Use database query and reporting tools to filter and select data, and develop basic reports
DBMS management: Create and manage relational databases, such as SQL Server, Oracle, DB2 or Microsoft Access

Scope and Accountability:

Incumbent's decisions and actions rarely and minimally impact the company's revenue and operations. Decisions and actions may have a moderate impact on reputation, and/or customer satisfaction.
Incumbent makes some independent decisions, but actions are guided by clearly-stated standards, parameters and processes. Incumbent performs work under moderate-level of supervision.
Work under established guidelines and controls, including Standards of the Institute of Internal Auditors (IIA), Generally Accepted Audit Standards (GAAS), Sarbanes-Oxley and other local and national government regulations, including transportation, environmental, and the Foreign Corrupt Practices Act (FCPA), Association of Certified Fraud Examiners (ACFE), Con-way Enterprise Services Audit Policies and Procedures and Con-way Enterprise Services Code of Business Ethics.

Qualifications

Knowledge, Skills, and Abilities:

Education: Bachelor's degree required.
Certification: Certified Information Systems Auditor (CISA) certification (preferred); ACL Certified Data Analyst (ACDA) certification (preferred)
Audit Experience: 2+ years working experience in auditing (IT, financial, operational)
Data analysis/mining tool experience: 2+ years experience with tools such as ACL(preferred), IDEA or SAS
Application/Database experience: 2+ years of experience with ERP systems, such as Oracle E-Business Suite (preferred), Oracle database and related tools such as Oracle Data Integration Suite.
BI tool experience: 2+ years experience with Business Intelligence tools, such as MicroStrategy (preferred), Cognos or Business Objects
IT Methodologies: Basic understanding of IT development, maintenance and project management methodologies, and current and emerging technologies
IT GRC & Audit Methodologies: Basic knowledge of IT Governance, Risk and Compliance practices and tools, including IT risk assessment; Basic knowledge of Sarbanes-Oxley, fraud detection techniques, and IT process frameworks such as Control Objectives for Information Technology (COBIT)
Desktop tools: Working knowledge of Microsoft Word, Excel, PowerPoint, Access, Project and Visio
Strong skills in business writing and editing; strong communication skills (oral and written); communicate effectively with support peers, end users, and all levels of corporate management; ability to create and host presentations.
Strong interpersonal skills; participate in a team environment and build strong working relationships.
Basic project management skills; time management skills; multi-task and prioritize work loads; demonstrated analytical capabilities; effectively identify and resolve problems in high visibility, high stress situations.
Occasional domestic and international travel to various business units is required.
Industry experience: Transportation industry experience is a plus
Lean/LSS experience: Lean, or Lean Six Sigma, experience is a plus

Job

Finance & Accounting

Primary Location

United States-Oregon-Portland

See external Careers website below to apply:

use 'Internal Auditor IT' in 'Keyword' search.

Internal Auditor IT (or Senior)-FIN000104

http://www.con-way.com/en/careers/search_other_careers

IT Security and Compliance Analyst Job Description (#10-86)

§ Analyst duties

• Analyze sources - determine details, research supporting materials, make estimates of effort/test difficulty

• Map existing tests to policy - matching tests to policy and supporting decision of mapping with backup source, defendable positions

• Author/Reviewer of TE documentation on Policy material

• Check Spec/work done by other SME, Engineering (IT), outsourced dev and QA

• Technical support - bugs, hardening, etc

• Perform Content Quality Checks

§ Skills

• Real world IT Security experience, experience with 3 or more CISSP domains.

• Familiarity with IT audit, artifacts, and audit workflow

• Experience as technical or security analyst

• Preference: CISSP, CISA certifications

• Must have experience with one or more of the following compliance domains: PCI, CIS, DISA, HIPAA, COBIT, ISO 27001, GLBA, FFIEC, SOX, NERC CIP, NIST 800-53/ FISMA, Standard of Good Practice

• Technical skills in many OS, networking and database technologies. Must have decent system level skills with Windows (2k, 2k3, 2k8), Solaris 8, 9 or 10 (prefer all), Linux flavors (RH), SQL Server and/or Oracle, Exchange, IIS, Cisco IOS

• Scripting skills – some prior coding experience helps, prefer strong Regex skills. Also good: Powershell

§ Project Management duties

• Significant involvement (including leadership) in various content/policy related projects

• Help to manage/coordinate to production and project processes.

• Example: New Policy Development projects – From initial analysis through all development tasks, QA and post production support

• Working with Architecture/R&D/PM/Marketing on policy topics, and providing regular status reporting accordingly

If you meet the qualifications and would like to be considered for this position please email your cover letter, resume, salary history and the self-identification form to jobs@tripwire.com. Please note the specific position you are applying for and that you saw this posting on ISACA in the subject line of your email.

If you have questions or would like additional information before applying, please email Merilee Schillinger, Corporate Recruiter at mschillinger@tripwire.com.

For a complete list of current open positions please visit http://www.tripwire.com/company/workingattripwire/

Equal Opportunity Employer

Tripwire is an equal opportunity employer in all personnel practices – including recruitment, advertising, hiring, participating in training and development programs, promotion and upgrading, layoff and termination, pay and other forms of compensation, insurance, worker's compensation and other benefits. We are committed to affirmative action and prohibit discrimination based on race, color, sex, age, religion, national origin, disability, Vietnam-era veteran or other eligible veteran status, or any other unlawful forms of discrimination.

IT Auditor or SR IT Auditor
Portland, OR

Bring your knowledge of risk management to the following role:
· Provide Regence management with independent assurance that IT and related business risks are adequately recognized, assessed, reported, and controlled
· Responsible for the independent assessment of assigned areas within IT and the business including corporate projects; and the promotion of risk management and the understanding of internal controls within Regence
· Collaborate with IT and other customers to independently assess the risk environment in either existing or developing processes
· Plan, coordinate, conduct, and assist in reporting on audits of system development, general controls, applications, technical IT functions, and other projects as requested by the Internal Audit management
· While performing these reviews, the auditor is responsible for maintaining a focus on high-risk areas to determine if appropriate controls are in place to adequately mitigate risks

Combine your degree and auditing experience with the following skills and abilities:

•Bachelor's degree in accounting, computer science, or business administration, or associates degree plus equivalent experience.
•1 year of audit experience, 3 years for SR position.
•Certified Information Systems Auditor (CISA) designation preferred, required for SR position.
•Demonstrated knowledge and experience in the majority of the following: systems development life cycle (SDLC), project management, information systems security, business continuity planning, disaster recovery, e-business, telecommunications, data base management system, application controls, as well as knowledge of emerging technologies.
•Ability to construct work papers that effectively communicate and document evidence that addresses the audit objective and that support the conclusion.
•Working knowledge of CoBIT and COSO audit frameworks.
•Demonstrated verbal communication skills. Ability to convey issues surrounding information technology general controls in a non-technical manner.
•Ability to work in a collaborative manner with various clients.
•Ability to prepare clear, concise written narratives and memoranda.
•Strong project and time management skills.
•Skilled in the use of personal computer software, such as Microsoft Word, Excel, PowerPoint, Lotus Notes, Visio, Microsoft Project, and Clarity.

Hard work and dedication is rewarded at Regence:
We offer a competitive salary and a generous benefits package.

For consideration, please visit our Web site at www.regence.com/careers and Apply Online to Job #18247.

The Oregon University System Internal Audit Division is seeking a Staff Auditor. This is a full time position based in Portland on the Portland State University campus.

Salary range $42,000- $45,000, plus generous benefits. Position is open until filled – priority will be given to applications received by July 9th, 2010. Please visit us online at http://www.ous.edu/dept/hr/employment.php for information about OUS, a detailed position description and the OUS application.

The OUS is an Affirmative Action/Equal Opportunity Employer committed to development of an inclusive, multicultural higher educational environment.
6/21/10