Internal Audit & Compliance Analyst I – Farmington Hills, MI

Posted June 28, 2023

Salary Range: $55,000-$65,000  (Based on Professional Experience)

POSITION PURPOSE

Responsible for providing expert knowledge on IT infrastructure design, ensuring proper security and risk posture. Responsible for protecting internal controls and data within system. Responsible for safeguarding information by identifying weaknesses and creating strategies to prevent security breaches. Participates in investigations and mitigation of security weaknesses. Participates in planning, analyzing, and maintaining audit activities. Responsible for identifying and informing management of internal control weaknesses or exceptions. Responsible for ensuring sufficient controls are up to date and providing additional recommendations to management with solutions to remediate internal control weaknesses. Responsible for writing and developing IT security policies and procedures. Responsible for accurately performing risk assessments of networks and systems. Assists IT personnel and keeps management well informed of problems and area activities. Responsible for conducting audit activities as required to comply with state and federal regulatory agencies.

DUTIES & RESPONSIBILITIES

  • Reviews both state and federal regulatory requirements and the associated impact on organizational controls.
  • Ensures management is well informed of emerging regulatory requirements and provides guidance on applicable changes.
  • Completes activities pertinent to the organization’s vendor management program.
  • Provide training materials to employees to help maintain compliance to policies and procedures.
  • Conducts testing of internal information systems and controls in accordance with organizational audit program. Identifies internal control weaknesses, audit exceptions and inefficiencies, and makes recommendations for improvement to management in well-written, concise audit reports.
  • Analyzes business processes for adequate internal control functions.
  • Collects regulatory information and reports to management.
  • Develops, executes, and assumes responsibility for regulatory and independent audit engagements and special projects.
  • Researches and identifies IT audit best practices.
  • Participates in the review of organizational IT security policies. Audits user adherence to security procedures. Communicates security procedure violations to management.
  • Recommends changes to ineffective security policies and procedures.
  • Identifies risks, threats, and vulnerabilities to network, information systems or services. Makes recommendations to eliminate or minimize risks.
  • Performs detailed risk analyses.
  • Keeps accurate and complete records of risk assessments. Submits them in a timely manner.
  • Keeps management informed on responsibilities for managing risk of privacy laws and requirements.
  • Produces various metrics and reports to inform management on organizational risk and adherence to policies and procedures.
  • Ensures the Company’s professional reputation is maintained both internally and externally.
  • Provides client assistance with information on regulatory policies and procedures, exam assistance, and other information as necessary.
  • Ensures appropriate levels of security and confidentiality are maintained at all times.
  • Acts as a representative of the Company with business and professional organizations and external IT contacts. Promotes the Company’s interests.
  • Assists and supports related departments as required.
  • Keeps management informed of area activities and any significant concerns.
  • Attends and participates in meetings as required.
  • Completes reports, records, and other documentation as necessary.
  • Stays up to date on technology and security developments in the IT industry.
  • Ensures department work areas are clean, secure, and well maintained.
  • Completes special projects as assigned.

EDUCATION & EXPERIENCE REQUIREMENTS

  • Bachelor’s degree in auditing, Computer Science or an equivalent field.
  • CISA/CISM and/or IT certification preferred but not required.
  • One to Five years of experience in IT audit and compliance functions.

REQUIRED KNOWLEDGE

  • Understanding of complex information systems.
  • Familiarity with federal and state banking regulations. .
  • Comprehension of industry audit processes.
  • Understanding IT governance risk and compliance domains.
  • Knowledge of security hardware, software, and processes.
  • Knowledge of IT service delivery and support.
  • Knowledge of Company policies and procedures.

WORKING CONDITIONS

  • No hazardous or significantly unpleasant conditions (such as in a typical office).
  • Occasional in-state and/or out-of-state travel.
  • Long duration of computer workstation usage.

 

To apply for a posted position, please click here.

Member Driven Technologies is an equal opportunity employer. We hire individuals on the basis of ability, experience, education, intelligence, and character. Member Driven Technologies does not discriminate against any employee or applicant because of race, color, sex, religion, gender identity or expression, sexual orientation, pregnancy, national origin, age, height or weight, marital or protected veteran status, genetic information, disability status, or otherwise to the full extent of all applicable laws. Our equal employment opportunity policy applies to all of our employment practices, including hiring, training, advancement, discipline, and compensation.