IT Auditor, I-sr. Location: Albuquerque, NM, United States Job ID: 6088831 Date Posted:Jan 8, 2025 **POSTING DEADLINE** This position is posted until filled. **DEPARTMENT** Department: Audit Services **PREFERENCES** **-** **CISA, CPA, CMA, CFE, CIA, or other certification is preferred.** **-** **Sarbanes-Oxley Act (SOX) experience preferred** **JOB DESCRIPTION** **Sr IT Auditor** Salary Grade: G05 Minimum Midpoint Maximum $86,016 - $116,120 - $146,226 Given the financial nature of this position, this position has been defined as a position requiring a credit check. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a credit background check. SUMMARY: Under minimal supervision, performs internal audits, detailed evaluations internal control reviews of information systems, platforms and operating procedures in accordance with corporate standards for efficiency, accuracy, security and regulatory compliance including Sarbanes Oxley compliance. ESSENTIAL DUTIES AND RESPONSIBILITIES: Plans, leads, and executes Information Technology (IT) audit projects and the IT portion of integrated audits (other financial, operational, and compliance projects with an IT subfocus) using a thorough understanding of audit methodologies and processes (e.g., COSO, COBIT) Leads or assists in the execution of SOX compliance auditing of the IT General Controls (ITGCs), including the evaluation of the design of these SOX controls, the completion of ITGC SOX walk-throughs, and testing the effectiveness of ITGC SOX controls Designs, develops and performs data analytic routines using computer-assisted auditing techniques and analyze data requirements to support technical components of detailed audit testing and planned and needed Assists and trains other audit staff in the use of computer-assisted audit techniques, and in developing methods for review and analysis of computerized information systems Performs annual IT Risk Assessments; utilizes proficiency in IT infrastructure and IT auditing, evaluates IT infrastructure in terms of risk to the organization and evaluates controls in order to recommend improvements to current risk management controls Works with Internal Audit management, external auditor, and IT management to develop a risk-based Internal IT audit strategy that complies with professional standards (e.g. IIA, ISACA, GAAS, GAAP), including the requirements of Sarbanes-Oxley Act section 404 Professionally represents the internal audit department when interacting with all levels of company personnel, external auditors and management Using proficiency in IT infrastructure, IT auditing and auditing methodologies and processes, evaluates IT infrastructure in terms of risk to the organization and evaluates controls in order to recommend improvements to current risk management controls Assists with efforts to evaluate system access, segregation of duties and evaluates the company¿s cyber security strategies and processes Consults, from an audit perspective, on new systems development/implementation projects Consults on IT systems compliance, business process optimization, profit improvement, internal control reviews and various risk assessment and security issues Conducts special studies as needed to discover root-cause deficiencies in IT systems and/or processes Recommends controls for prevention and/or system improvements Prepares reports of findings for senior management and/or Board of Director inquiries Conducts large-scale audits on any or all Electronic Data Processing (EDP) systems in response to Integrity Line calls, management directives, or other avenues of allegation or disclosure COMPETENCIES: Ability to gather, consolidate, analyze, and draw conclusions on the subject matter under consideration Knowledge of risk and internal controls specific to information technology, including but not limited to those risks and controls specific to system implementation / change management Knowledge of and ability to utilize computer aided auditing tools (CAAT) Knowledge of and ability to perform data mining and/or data analytics Thorough knowledge of and ability to apply generally accepted auditing standards (GAAS) and generally accepted accounting principles (GAAP) Proficiency in the use of statistical sampling methods and techniques Ability to coordinate and lead the work of others, either as individual contributors or in a project setting Ability to perform thorough risk assessments of various processes and departments Ability to gather and analyze information skillfully and develop alternative solutions Professionalism and strong client and team relationships QUALIFICATIONS MINIMUM EDUCATION AND/OR EXPERIENCE: Bachelor¿s degree in Business Administration in Information Systems, Accounting, Finance, MIS or related field plus six to seven years of related experience, to include three to four years experience specific to IT audit, or equivalent combination of education and/or experience related to the discipline. CERTIFICATES, LICENSES, REGISTRATIONS: Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA) or Certified Public Accountant (CPA), certification required. Progress towards certification may be considered. COMMUNICATION SKILLS: Strong written and oral communication skills Ability to interact with all levels of company personnel, external auditors and management Ability to write routine reports and correspondence Ability to speak effectively before groups of customers or employees of organization Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals MATHEMATICAL SKILLS: Ability to work with mathematical concepts such as probability and statistical inference Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations COMPUTER SKILLS: Knowledge of and ability to use audit management software and electronic work-paper systems In depth knowledge of Microsoft Office suite including advanced knowledge with Excel, Access and Word Knowledge of Visio, ACL, IDEA and other computer aided auditing tools ANALYSIS AND PROBLEM-SOLVING ABILITY: Ability to solve practical problems and deals with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. Ability to gather, consolidate, analyze, and draw conclusions on the subject matter under consideration having a proficiency in the use of statistical sampling methods and techniques. PHYSICAL DEMANDS: While performing the duties of this job, the employee may be regularly required to sit up to 2/3 of the time and lift and/or move up to 10 pounds. WORK ENVIRONMENT: Office environment. **JOB DESCRIPTION** **IT Auditor** Salary Grade: G06 Minimum Midpoint Maximum $74,796 - $100,975 - $127,152 Given the financial nature of this position, this position has been defined as a position requiring a credit check. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a credit background check. SUMMARY: Under general supervision, performs internal audits, detailed evaluations, internal control reviews of information systems, platforms, and operating procedures in accordance with corporate standards for efficiency, accuracy, security and regulatory compliance including Sarbanes Oxley compliance. ESSENTIAL DUTIES AND RESPONSIBILITIES: Plans, and executes Information Technology (IT) audit projects and the IT portion of integrated audits (other financial, operational, and compliance projects with an IT sub focus) using a thorough understanding of audit methodologies and processes (e.g., COSO, COBIT) Leads or assists in the execution of SOX compliance auditing of the IT General Controls (ITGCs), including the evaluation of the design of these SOX controls, the completion of ITGC SOX walk-throughs, and testing the effectiveness of ITGC SOX controls Designs, develops, and performs data analytic routines using computer-assisted auditing techniques and analyze data requirements to support technical components of detailed audit testing. Assists and trains other audit staff in the use of computer-assisted audit techniques, and in developing methods for review and analysis of computerized information systems Performs annual IT Risk Assessments; utilizes proficiency in IT infrastructure and IT auditing, evaluates IT infrastructure in terms of risk to the organization and evaluates controls in order to recommend improvements to current risk management controls Works with Internal Audit management, external auditor, and IT management to develop a risk-based Internal IT audit strategy that complies with professional standards (e.g., IIA, ISACA, GAAS, GAAP), including the requirements of Sarbanes-Oxley Act section 404 Professionally represents the internal audit department when interacting with all levels of company personnel, external auditors and management Using proficiency in IT infrastructure, IT auditing and auditing methodologies and processes, evaluates IT infrastructure in terms of risk to the organization and evaluates controls in order to recommend improvements to current risk management controls Assists with efforts to evaluate system access, segregation of duties and evaluates the company¿s cyber security strategies and processes Consults, from an audit perspective, on new systems development/implementation projects Consults on IT systems compliance, business process optimization, profit improvement, internal control reviews and various risk assessment and security issues Conducts special studies as needed to discover root-cause deficiencies in IT systems and/or processes Recommends controls for prevention and/or system improvements Prepares reports of findings for senior management and/or Board of Director inquiries Conducts large-scale audits on any or all Electronic Data Processing (EDP) systems in response to Integrity Line calls, management directives, or other avenues of allegation or disclosure COMPETENCIES: Ability to gather, consolidate, analyze, and draw conclusions on the subject matter under consideration Knowledge of risk and internal controls specific to information technology, including but not limited to those risks and controls specific to system implementation / change management Knowledge of and ability to utilize computer aided auditing tools (CAAT) Knowledge of and ability to perform data mining and/or data analytics Thorough knowledge of and ability to apply generally accepted auditing standards (GAAS) and generally accepted accounting principles (GAAP) Proficiency in the use of statistical sampling methods and techniques Ability to perform thorough risk assessments of various processes and departments Ability to gather and analyze information skillfully and develop alternative solutions Professionalism and strong client and team relationships QUALIFICATIONS MINIMUM EDUCATION AND/OR EXPERIENCE: Bachelor¿s degree in business administration in Information Systems, Accounting, Finance, MIS or related field plus four to five years of related experience, to include one to two years¿ experience specific to IT audit, or equivalent combination of education and/or experience related to the discipline. CERTIFICATES, LICENSES, REGISTRATIONS: Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA) or Certified Public Accountant (CPA), certification preferred. Progress towards certification may be considered. COMMUNICATION SKILLS: Strong written and oral communication skills Ability to interact with all levels of company personnel, external auditors and management Ability to write routine reports and correspondence Ability to speak effectively before groups of customers or employees of organization Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals MATHEMATICAL SKILLS: Ability to work with mathematical concepts such as probability and statistical inference Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations COMPUTER SKILLS: Knowledge of and ability to use audit management software and electronic work-paper systems In depth knowledge of Microsoft Office suite including advanced knowledge with Excel, Access and Word Knowledge of Visio, ACL, IDEA and other computer aided auditing tools ANALYSIS AND PROBLEM-SOLVING ABILITY: Ability to solve practical problems and deals with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form. Ability to gather, consolidate, analyze, and draw conclusions on the subject matter under consideration having a proficiency in the use of statistical sampling methods and techniques. PHYSICAL DEMANDS: While performing the duties of this job, the employee may be regularly required to sit up to 2/3 of the time and lift and/or move up to 10 pounds. WORK ENVIRONMENT: Office environment. Employees in Services Company may be responsible for providing services to various Holding Company subsidiaries and affiliates. **EQUAL OPPORTUNITY STATEMENT** Safety Statement: Safety is a core value at (TXNM Energy/PNM/TNMP) and our vision, “everyone goes home safe”, reflects our commitment to promoting an environment conducive to learning, improving and building safety practices. Our safety value is built upon the belief that every employee deserves to work in an environment free from harm. Americans with Disabilities Act (ADA) Statement: TXNM Energy is committed to providing reasonable accommodations for qualified individuals with disabilities in compliance with the ADA. If you require assistance with the job application process due to a disability, please contact HR ADA Analyst, at 505-241-4627. DEI Statement: At TXNM Energy, we value the diversity of our workforce and actively seek opportunities for incorporating Diversity, Equity, and Inclusion (DEI) within our family of companies. We believe a diverse workforce enriches our environment and helps us better meet the needs of our employees, customers, and shareholders. We remain committed to attracting and sustaining a diverse workforce and retaining high-performing employees who work collaboratively to carry out the Company's purpose. TXNM Energy and affiliates are Equal Opportunity/Affirmative Action employers. Women, minorities, disabled individuals and veterans are encouraged to apply.