We are seeking an Associate Director Information Technology Audits. The scope of responsibility for this position covers the entire Johns Hopkins Institutions including the Johns Hopkins University (JHU), The Johns Hopkins Health System (JHHS) and Information Technology (IT) areas of the Applied Physics Laboratory (APL) as assigned. This role is responsible for defining and executing the annual internal audit plan for the Johns Hopkins Institution related to information technology areas. Manage a Team of Professionals with a Strong Focus on OHIA's Values of
- Integrity - building ethical standards as a foundation.
- Excellence - the foundation of achieving excellence is maintaining objectivity.
- Respect - the foundation of building and maintaining relationships lies in the respect one shows each other.
- Collaboration - is evidenced by communication, problem-solving, and conflict resolution through bringing together knowledge, experience, ideas, and skills to achieve a common goal.
Specific Duties & Responsibilities
- In collaboration with Departmental Leadership team, including Chief Audit Officer, Executive Director Operational Audits, and Sr. Director of IT Audits, establish strategic plan for Office of Hopkins Internal Audit and ensure strategic initiatives are effectively carried out.
- Oversee a team of IT audit staff and one Data Analytics Manager in the development of an annual internal audit plan utilizing an advanced risk assessment model to identify the internal audit universe, including OHIA's involvement in internal control assessments for new systems and IT security activities; and obtain management input and buy-in.
- Oversee a team of IT auditors and one Data Analytics Manager in the execution of the annual audit plan by measuring and communicating progress, proposing revisions to the plan to reflect new priorities, and ensuring the annual plan is completed taking into consideration unforeseen occurrences (e.g., employee turnover).
- In collaboration with IT audit staff and Data Analytics Manager, assure internal audit projects are performed according to department policies, procedures and standards (e.g., audit methodology, project management tools), staying within the scope and resource allocation limits (hours and timelines), and holding staff accountable for meeting stated assigned objectives.
- In collaboration with IT audit staff and the Data Analytics Manager, scope projects and assign auditors to ensure timely and adequate execution of individual audit projects; provide clearly defined objectives based on key internal control objectives and associated risks.
- Provide advanced direction to assigned team members on the performance of audits of key control processes and IT areas of the institutions.
- Keep customers of OHIA (e.g., process owners, PBOs, senior leadership) informed on developing issues on internal audit projects.
- Assist in the negotiation of recommended changes in internal control practices and build consensus with upper-level management.
- Review, edit, and approve internal audit reports.
- Oversee follow-up procedures to ensure managements agreed upon corrective actions are effectively implemented and consistently carried out.
- Summarize internal audit results and communicate with internal leadership and the Board of Trustees Audit Committees of JHU and JHHS.
- Recruit professional internal audit staff to support the mission of the organization.
- Provide timely feedback to professional staff on performance on internal audit projects and for annual performance evaluation.
- Work with IT audit staff and Data Analytics Manager to define annual professional development plans and monitor progress throughout the year.
- Develop effective working relationships with IT leaders and other leaders of JHU and JHHS.
- Develop internal networks to raise awareness of audit issues.
- Develop external professional networks with the Association of Health Care Internal Auditors, the Association of College and University Auditors, peer internal audit departments and other relevant professional organizations.
- Provide input to committees that impact the processes/operation of the JH Institution
- Keep abreast of developments in organization IT/business areas and industry business practices.
- Monitor customer survey response rate, trend individual project responses and narrative comments.
- Collaborate with operational audit leaders on teaming audits.
- Partner effectively with external audit and institutional risk functions, including corporate compliance, privacy, risk management and others to enhance institutional risk management around IT.
- When required, interact with outsourced professional service firms to scope projects, negotiate fees and hold third-party firms accountable for high levels of quality in the execution of audit projects.
- Champion internal control best practices, challenge cultural norms, and work strategically to build consensus around practices to enhance the control environment or drive efficiencies in clinically oriented areas.
- Establish a culture that supports employee engagement and diversity, equity, and inclusion.
Other Responsibilities
- Supervises a staff of professional IT Internal Auditors and a Data Analytics manager.
- Provides departmental leadership along with Sr. Director of Information Technology Audits, Executive Director, and Chief Audit Officer, promoting a positive work environment and participating in the continuous improvement initiatives related to departmental environment and process.
Reports To - Senior Director of IT Audits, Office of Hopkins Internal Audits
Minimum Qualifications
- Bachelor's Degree in Accounting, IT or Business, or related field.
- Certified Information Systems Auditor (CISA). At least 10 years of IT audit experience with at least 5 years of increasing responsible leadership experience.
- This position does not allow for education or experience substitutions.
Preferred Qualifications
- Masters in business administration or other related IT field.
- Knowledge of internal controls related to physical security, logical security (application, database, operating system, network), program change control/change management, system/data backup, disaster recovery, business continuity, systems development life cycle, project management, system administration, system interfacing, data migration, configuration management, programming, systems analysis, telecommunications, enterprise resource planning, and compliance (Health Insurance Portability and Accountability Act).
- Familiarity with networking (firewalls, routers, remote access, intrusion detection systems, active directory), database (SQL, Oracle, DB2), and operating system (Windows, UNIX) technologies.
Classified Title: Associate Director Internal Audits Job Posting Title (Working Title):Associate Director Information Technology Audits Role/Level/Range: ATP/04/PH Starting Salary Range: $116,600 - $204,000 Annually (Commensurate with experience) Employee group: Full Time Schedule: Monday-Friday 8:30 am - 5:00 pm Exempt Status:Exempt Location:Hybrid/Eastern High Campus Department name: Information Systems Auditing Personnel area: University Administration
|