Senior Information Technology Auditor

Location
Stony Brook, NY
Posted
Mar 25, 2017
Institution Type
Four-Year Institution
Job Description

Senior Information Technology Auditor-1700867

Stony Brook Medicine Logo


Position Summary

The Senior Information Technology (IT) Auditor performs complex technical information systems and infrastructure audits for Stony Brook University Hospital (SBUH) while maintaining all organizational and professional ethical standards. Specific responsibilities of the Senior IT Auditor include, but are not limited to: plan, design and perform audit reviews of major systems or units of SBUH, which consist of examinations for adherence to accepted standards as well as review of systems for integrity, security, adequacy of controls, effectiveness and efficiency, compliance with legal requirements and consistency with management objectives; design audit objectives and procedures, prepare audit programs, and write audit reports; may oversee and direct the activities of other auditors designated to assist in the audits assigned, and review their work. The Senior IT Auditor proactively keeps the Director of Internal Audit and unit managers informed of the progress of audit reviews, and actively participates in internal audit risk assessments and work plan creation processes. The Senior IT Auditor assists with the maintenance of in-house audit tools and performs other duties and special projects as assigned.


Duties of a Senior Information Technology (IT) Auditor may include the following but are not limited to:


  • Conduct audits of IT Governance, General and Application Controls including the following: Logical access controls over infrastructure, applications, and data; System Development Life Cycle Controls; Program Change Management Controls; Data Center physical security and environmental controls; system and data backup and recovery controls; computer operation controls. Develop audit objectives and detailed test procedures for assessing general IT and application controls effectiveness.
  • Consult management on the development of appropriate internal controls for new information systems applications and technologies; effectively integrate business, operational, technological, and financial.
  • Provide guidance to the Compliance and Audit Team regarding IT General and Application Control concepts.
  • Supervise and review audit staff work related to general IT and application controls.
  • Seek ongoing training to gain additional expertise in IT General and Application Controls auditing and auditing standards. Attend team meetings, phone conferences, and training as needed.
  • Other duties and responsibilities as assigned.

Qualifications


Required Qualifications: Bachelor's degree with a minimum of three years of Information Technology audit experience. Data analysis experience (i.e. Audit Command Language (ACL), SQL database). Experience in one or more of the following technologies: Electronic Medical Record System (e.g., Cerner), Siemens, IDX, Pyxis, Lawson Inventory Management System, Systems Applications & Products (SAP) Business Objects,PeopleSoft Human Resources/Payroll applications, Oracle Database, Microsoft Active Directory, network/internet security, data loss prevention. Excellent ability to deliver high quality written communications, audit work paper documentation, and draft audit reports. Proficiency using spreadsheets (i.e., Excel) and/or database software to perform complex analyses and documentation tasks. Working knowledge of Information Technology audit standards and frameworks (i.e., Control Objectives for Information and related Technology - COBIT) established by the major professional audit associations (i.e., Information Systems Audit and Control Association - ISACA, Institute of Internal Auditors - IIA). Qualified candidates must be able to effectively communicate with all levels of the organization.

Preferred Qualifications: Bachelor's degree with an Information Technology focus. (i.e. Data Analytics, Database Administration, Database Management, Information Technology Management) Three years or more of healthcare or other highly regulated complex organization information technology audit experience. Working knowledge or demonstrable experience with electronic audit work paper tools and techniques, i.e., TeamMate AM.

At least one of the following certifications, Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), or Certified Information Systems Security Professional (CISSP).


Special Notes: Stony Brook Medicine is a smoke free environment. Smoking is strictly prohibited anywhere on campus, including parking lots and outdoor areas on the premises. All Hospital positions are subject to changes in pass days and shifts as necessary. This position may require the wearing of respiratory protection, which may prohibit the wearing of facial hair.

The selected candidate must successfully clear a background investigation. Prior to start date, the selected candidate must meet the following requirements: Successfully complete pre-employment physical examination and obtain medical clearance from Stony Brook Medicine's Employee Health Services (The hiring department will be responsible for any fee incurred for examination), submit (3) written references, and provide a copy of any required New York State license(s)/certificate(s). Please be advised that failure to comply with any of the above requirements could result in a delayed start date and/or revocation of the employment offer.


This function/position has been designated as “essential.” This means that when the Hospital is faced with an institutional emergency, employees in such positions may be required to remain at their work location or to report to work to protect, recover, and continue operations at Stony Brook Medicine, Stony Brook University Hospital and related facilities.

Pursuant to Executive Order 161, no State entity, as defined by the Executive Order, is permitted to ask, or mandate, in any form, that an applicant for employment provide his or her current compensation, or any prior compensation history, until such time as the applicant is extended a conditional offer of employment with compensation. If such information has been requested from you before such time, please contact the Governor’s Office of Employee Relations at (518) 474-6988 or via email at info@goer.ny.gov.


The best ideas in medicine start with the best people. At Stony Brook Medicine, our highest calling is to put the power of ideas to work in our patients’ lives. Stony Brook Medicine integrates and elevates all of our health-related initiatives: education, research and patient care. Stony Brook Medicine is Long Island’s premier academic medical center. With 603 beds, we serve as the region’s only tertiary care center and Level 1 Trauma Center, and are home to the Stony Brook Heart Institute, Stony Brook Cancer Center, Stony Brook Children’s Hospital, Stony Brook Neurosciences Institute, and Stony Brook Digestive Disorders Institute. We also encompass Suffolk County’s only Level 4 Regional Perinatal Center, state-designated AIDS Center, state-designated Comprehensive Psychiatric Emergency Program, state-designated Burn Center, the Christopher Pendergast ALS Center of Excellence, and Kidney Transplant Center. It is home of the nation’s first Pediatric Multiple Sclerosis Center.

Stony Brook University is an Affirmative Action/Equal Opportunity employer. We are committed to the creation of a diverse and inclusive campus climate. We encourage protected veterans, individuals with disabilities, women and minorities to apply.


IF YOU NEED A DISABILITY-RELATED ACCOMMODATION, PLEASE CALL THE UNIVERSITY HUMAN RESOURCE SERVICES DEPARTMENT AT (631) 632-6161 OR THE UNIVERSITY HOSPITAL HUMAN RESOURCES DEPARTMENT AT (631) 444-4700.
IN ACCORDANCE WITH THE TITLE II CRIME AWARENESS AND SECURITY ACT, A COPY OF OUR CRIME STATISTICS IS AVAILABLE UPON REQUEST BY CALLING (631) 632-6350. IT CAN ALSO BE VIEWED ON-LINE AT THE UNIVERSITY POLICE WEBSITE AT http://www.stonybrook.edu/police


Official Job Title: Associate for University Financial Analysis
Job Field: Compliance
Primary Location: US-NY-Stony Brook
Department/Hiring Area: Office of Compliance and Audit Services (OCAS)-Stony Brook University Hospital
Schedule: Full-time Day Shift 8:30AM - 5:00PMOffice of Compliance and Audit Services (OCAS)-Stony Brook University Hospital
Posting Start Date: Mar 24, 2017
Posting End Date: Apr 23, 2017, 10:59:00 PM
Salary: Commensurate with Experience
Salary Grade: MP4

PI97278298