Internal IT Auditor - ITA#1
Who We Are
Kyndryl is a market leader that thinks and acts like a start-up. We design, build, manage, and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers, and our communities.
We are looking for an experienced candidate for the position of internal information technology (IT) auditor to join IT Audit department in Kyndryl’s General Auditor Organization to perform objective and independent internal IT audits to add value to the company. This is an important role, and the candidate will be responsible for the execution of the IT audit plan focused on Kyndryl’s infrastructure and applications.
Responsibilities of this Internal IT Auditor role include:
- Performs risk-based, objective and independent internal IT audits of enterprise systems, infrastructure, and their IT and security controls and setting for internally used and for IT managed services by Kyndryl delivered to customers.
- Assess complex IT systems, environments, and controls, including but not limited to, applications, operation systems, databases, network, infrastructure, different platforms, on prem and cloud, SaaS, IT controls and processes (e.g. change management, incident management, access management including authentication and authorization, patch management, secure system and application configuration, data integrity and protection, database administration, API management, inventory management, vulnerability scanning, security assessment, operation management, business continuity and disaster recovery, risk management).
- Implements an audit framework to give reasonable assurance of design and effectiveness of IT controls, settings in IT environments in assurance audit engagements and provides advice in IT advisory engagements.
- Performs of all phases of the IT audit engagements, including, but not limited to, planning and scoping, identification and evaluation of risks and opportunities, developing and conducting testing to evaluate the design and the effectiveness of processes and controls, identifying and reporting findings, suggesting recommendations for improvements to Kyndryl’s processes and systems and following up with audit client remediations.
- Assists with other projects and various administration tasks as they may arise.
Who You Are
Required Technical and Professional Expertise
- 2+ years of experience in IT areas, at least in one of those: Linux, database, network, cloud, mainframe administration or audit
- Knowledge and understanding of IT concepts, IT and security controls, processes
- Analytical and critical thinking skills
- Able to perform analysis of the process and associated risks, develop and conduct testing to determine if controls and settings are effective to mitigate or manage risks, communicate the impact for achieving objectives, and suggest adding value recommendations
- With attitude to learn new things, commit to team to be successful and deliver results on time in a high-quality manner
- Efficiently and professionally communicates with audit clients, audit team and management verbally and in writing in English
- Team player, able to work in global teams, on-site and remotely, also able to work and deliver outcome independently with minimal supervision
- Willingness to travel globally, based on business need
Preferred Technical and Professional Expertise
- 4+ years of experience in IT areas administration or audit, preferably in: Linux, Windows, mainframe, network, database, cloud, DevSecOps, API management, SAP, RPA, AI
- Knowledge of security, internal controls, audit and risk management frameworks and concepts, e.g. ISO27000, COSO, NITS, Cobit, IPPF, ITIL
- Knowledge and experience with audit/review of IT controls, processes and security settings, e.g. change management, incident management, access management including authentication and authorization, patch management, secure system and application configuration, data integrity and protection, database administration, API management, inventory management, vulnerability scanning, security assessment, operation management, business continuity and disaster recovery, risk management
- Understand and execute the audit process using a risk-based audit approach, understand the objective, perform analysis of the process and associated risks, develop and conduct formal testing to determine if controls are effective to mitigate or manage risks, communicate the impact for achieving objectives, and develop recommendations, preparing a final report that communicates an effectiveness status for each risk
- Effectively and professionally presents and communicates issues, risks and technical information in a clear and concise manner to technical and non-technical audiences in English
- Possession of IT or audit area certifications: CISA, CISSP, CRISC, CCSK, CDPSE, CAC, OSCP, CKA, CGEIT, CISM, CRISC, ITIL, CIA, CPA, CRMA, ISO, QSA, PCI, for particular platforms, e.g. from Microsoft, Amazon, Google, IBM, Cisco or other relevant certification
- Strong analytical and critical thinking skills
- Led team of IT auditors in particular audit engagements
- Excellent time management
- Undergraduate degree preferable in one of the following areas: Computer Science, Information Technology, Cybersecurity, Information Systems, or similar
- Master’s degree preferable in one of the following areas: Computer Science, Information Technology, Cybersecurity, Information Systems, or similar
Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.
What You Can Expect
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Our employee learning hub gives you access to the best learning in the industry to receive certifications and accreditations, including Microsoft University, AWS Cloud Center of Excellence, Udemy, and the Harvard Business Review. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you! We want you to succeed so that together, we will all succeed.