Job Information
Con Edison Project Auditor - Information/Operational Technology in New York, New York
Project Auditor - Information/Operational Technology
Job Info
112076
Posting Expiration Date: May 31, 2024
Schedule Type: Full-Time
Minimum Salary: $105000
Maximum Salary: $135000
Organization: Auditing
Department: EHS Operations and IT
Section: AUDITING EHS Operations & IT
Location: NY-New York-4 Irving Pl Headquarters
Similar Jobs
Senior Analyst, Climate Risk and Resilience Group (https://careers.coned.com/jobs/14399944-sr-analyst)
Sr Analyst, Shared Services FP&A
Project Specialist - Auditing -2H (https://careers.coned.com/jobs/14366386-project-specialist)
Senior Auditor - Finance
Project Auditor, Auditing EHS Operations & IT (https://careers.coned.com/jobs/14360721-project-auditor)
Business Analyst - Oracle Support
Job Description
Mission Statement
- Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company’s mission by excelling at our three corporate priorities – safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.
Core Responsibilities
Auditors must remain objective and independent while performing their work and will be required to sign an Auditing Conflicts of Interest Disclosure & IIA Code of Ethics Attestation Form when joining Auditing and annually thereafter.
Ensure that safe work practices are followed, and the environment is protected in accordance with Company policy and governmental regulations.
Maintain strict confidentiality and demonstrate sound judgment both in character and actions.
Comply with all organizational and professional ethical standards and ensure that, audits performed comply with the IIA International Standards for the Professional Practice of Internal Auditing.
Lead team of auditors in the planning, execution and reporting of moderate to complex information/operational technology audits, integrated audits and other projects concurrently with no supervision. This includes assessing the adequacy and effectiveness of, general IT controls, application controls, and cyber security-related risks covering a broad range of computer technologies including mainframe, LAN/WAN, client/server, Internet/Intranet, databases, telecommunications, etc. Apply appropriate sampling techniques and use computer-assisted audit tools and techniques.
Lead/Conduct Sarbanes-Oxley (SOX) 404 walkthroughs and testing of IT processes, plan and participate in pre/post implementation reviews of major system implementations and assess compliance with critical cyber security standards.
Demonstrates a good understanding of relevant regulations and industry standards (e.g., SOX, COSO, COBIT, ITIL, NIST) and the ability to apply requirements to internal control frameworks.
Develop risk-and-control matrices and prioritize efforts by the identification of key controls and the development of appropriate strategies to test the design and effectiveness of those controls. Demonstrates consistent results in all aspects of controls evaluation.
May develop computerized audit routines to facilitate more effective/efficient audits.
Schedule and lead audit kick-off, midpoint audit status, and closing meetings.
Ensure that workpapers are complete and supporting documentation is cross-referenced to the record of work done. Ensure that workpapers adequately support audit observations, conclusions, and recommendations and consistently meet the requirements of the Institute of Internal Auditors as detailed in their International Standards for the Professional Practice of Internal Auditing.
Prepare clear, concise, and accurate audit reports that require minimal editing for finalization. May assist in the review of draft reports prepared by other auditors.
May mentor/train others in audit related functions, lead or supervise staff/projects. Supports and assists the Section Manager on day to day activities. Successfully assumes the delegation of acting Section Manager as needed.
Perform follow-up audit work to determine that management has implemented all recommendations timely. Assists the Section Manager with follow-up audit process.
Seek, identify, and recommend cost-saving opportunities in the course of performing audits.
Continuously complete training in auditing, information/operational technology, and other subject matter areas to meet certification requirements, improve the ability to perform quality audits, and to meet the departmental KPI training requirement.
Contribute toward team results, work well with others, and encourage other team members.
Audits will be conducted at all Con Edison, Orange & Rockland, Con Edison Transmission and Clean Energy Business locations. Some domestic and international travel required.
Support Auditing's Strategic Plan Initiatives including Robotic Process Automation solution implementation, SharePoint development and performing data analytics.
Proposes improvements and demonstrates a drive for excellence in auditing. Volunteers for projects.
Perform other related assignments as required, including work on Company project teams.
Required Education/Experience
- Bachelor's Degree Preferably in Information Systems, Computer and 5 years experience
Preferred Education/Experience
- Bachelor's Degree Science, Engineering, Accounting, or Finance
Relevant Work Experience
For Project Auditor 2H role: work experience, Minimum of 5 years of audit experience, , IT security, information risk management, IT governance or other IT compliance-related work. Required
Knowledge of internal controls, system development methodologies, complex integrated computer systems and related environments (e.g. operating systems, databases, middleware, network devices and software applications). Required
Experience in auditing and knowledge of the Institute of Internal Auditors International Standards for the Professional Practice of Internal Auditing is required. Required
Knowledge of operational technology used to monitor or control physical devices, processes and events (e.g., Distributed Control Systems and Remote Terminal Units) and/or the Internet of Things is preferred. Preferred
Familiarity with Sarbanes-Oxley, NERC Critical Infrastructure Protection and other regulatory requirements is preferred. Preferred
Experience working with advanced technical auditing tools (e.g. Oracle BI, ACL). Preferred
Experience and familiarity with company policies, procedures, systems and business processes. Preferred
Skills & Ability
Demonstrated analytical skills
Demonstrated problem solving skills
Ability to build strong customer relationships
Effective conflict management skills
Effective interpersonal skills
Effective negotiation skills
Excellent collaboration and team building skills
Strong written and verbal communication skills
Ability to influence internal and/or external constituents
Assumes personal responsibility for actions
Demonstrated ability to maintain confidential information
Demonstrates excellent judgment and decision making skills
Maintains a high degree of professionalism
Proactively approaches responsibilities
Well organized, detail oriented and flexible to handle multiple assignments
Performs work independently with minimal supervision
Ability to work within tight timeframes and meet strict deadlines
Demonstrated time management and priority setting skills
Demonstrates a high commitment to quality
Possesses strong technical aptitude
Must be proficient in Microsoft Office including Word, Excel, Outlook and PowerPoint, etc.
Licenses & Certifications
Driver's License Required
Other: Certified Information Systems Security Professional CISSP Preferred
Other: Certified Information Systems Auditor (CISA) Preferred
Other: Other: Certified Information Systems Auditor (CISA) Certified Internal Auditor (CIA)
Preferred
Physical Demands
- Must sit or stand to use a keyboard, mouse, and computer for entire shift
Other Physical Demands
Must be able to respond to Company emergencies by performing a System Emergency Assignment to restore service to our customers.
Must be able to drive to company locations when necessary.
Technical Difficulty Statement
- For technical issues, please contact us at [email protected]
Equal Opportunity Employer
- Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) are equal opportunity employers. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual’s actual or perceived disability, protected veteran status, race, color, creed, religion, sex, age, national origin, gender, gender identity, gender expression, genetic information, marital status, sexual orientation, citizenship, domestic violence victim status, or any other actual or perceived status protected by law.