Senior Principal Auditor

Summary

Plans, organizes and conducts complex independent audits throughout the organization, particularly in areas involving highly complex, multifaceted, and interrelated technology and compliance; financial, accounting, information technology, and cybersecurity; and other areas requiring an integrated view of risk and related mitigation options and development of new and approved techniques and procedures.   

Prepares formal oral and written reports to the President, Audit Committee and executive management and staff, including interpretations of internal or external integrated business risks, and recommended solutions. Provides risk advisory services through participation on functional teams and projects, including technology and cyber security teams.  Fulfills requests of management for integrated audit services, review, advice, and counsel particularly in emerging, high risk, technical and/or more complex areas.   
 
Completes all aspects of audit activities in accordance with applicable auditing standards including department standards, the Institute of Internal Auditors (IIA) International Professional Practices Framework for Internal Auditing (IPPF), the Information System Audit & Controls Association (ISACA) Standards for IT Audit and Assurance, ISC(2) Certified Information Systems Security Professional Standards, (ACFE) Association of Certified Fraud Examiners, and professional codes of ethics. In addition, as a recognized expert in the internal audit, security and/or information technology audit profession, trains and mentors individuals in the department, including junior team members, enabling success in their respective roles.

What You'll Do

• Carries out complex or unique assignments including the development of new and approved techniques and procedures. Assignments cover the broad range of business areas including integrated, financial, operational, and technical audits. Expertise is reflected in the application of specialized internal audit, risk management, analytical, and business tools and techniques.
• Makes and monitors assignments to other team members in support of completion of audit objectives. Monitors assignments to ensure audit objectives are met by team members.
• Participates in a risk advisory role for SRP on projects and functional committees, including technology, risk oversight and cybersecurity related committees, particularly those identified as having more complex and higher risk.
• Leads the department’s quality assurance program to ensure work is performed in accordance with the International Practices Professional Framework of Internal Auditing, department standards, methodologies, and protocols, and the highest quality services are delivered to clients. Reports results of quality reviews to the management team and Corporate Auditor. 
• Directly involved with design, development, and implementation of the department’s methodologies that address risk. This includes identifying and evaluating the likelihood, impact, and velocity of inherent risk and how risks can be mitigated through the effective design and operation of controls. to reduce potential impact. 
• Stays abreast of emerging industry and technical risks and how these and other risks can be detected early and mitigated through proactive measures including continuous monitoring, automated auditing, and agile audit methods. Interprets internal and/or external risks and provides advice and counsel in a collaborative and proactive manner, with recommended solutions and best practices that are actionable and timely for project leaders, management, and others. Suggests audits that can be performed to help mitigate the risks identified.
• Works independently, with appropriate internal and external coordination, and specialized depth and/or breadth of internal audit and risk management expertise, to address internal audit and risk issues that are inherently highly complex, have enterprise-wise business, operational, and strategic implications, involve the combination of financial, accounting, technology (IT/OT), and cybersecurity risk, and/or are highly sensitive.
• Prepares and proof-reads presentations to executive management and others including SRP’s Board, and the Audit Committee, as requested.  Participates as a presenter to management and the Board, where needed.
• Reviews, suggests, and leads updates to the department’s policies, practices, and procedures to promote the highest quality of service and to conform to professional standards and leading practices in the industry.  Provides leadership in coordinating the design and implementation of these updates with the management team and Corporate Auditor.
• Designs, carries out, and guides others in designing and performing complex procedures to identify issues and anomalies; performs analysis of related and root causes; and develops recommendations that are actionable and can be tracked through to completion.
• Provides leadership to all levels of personnel in the department including junior and other staff members, providing guidance, and mentoring them, where necessary, and guiding them in the resolution of difficult and complex problems, with broad and deep perspective and knowledge, with results that are relevant, cost-effective, timely, and forward-looking.

Education

Additional Requirements and Qualifications

Strong preference for Certified Internal Auditor (CIA) designation, Certified Information Systems Auditor (CISA), and Certified Public Accountant (CPA). Requirement for Senior Principal Auditor is to have at least two of these certifications.  Experience and advanced degrees may in certain cases be substituted for certifications. Some travel is required. 

Knowledge, Skills and Abilities

• Follows the highest level of integrity by following professional auditing standards, building, and sustaining trust, promoting an ethical climate in the organization, and handling confidential and sensitive information with due care.
• Demonstrates respect for others and fosters teamwork, by building relationships within and outside the department through effective listening, valuing the opinion of others, using department and audit client’s time effectively, presenting solutions to remediate risk, and cross-training others.
• Has strong project and personal management skills including the ability to work on multiple assignments concurrently, both individually and with teams, and handles deadlines effectively.
• Demonstrates exceptional communication skills with others inside and outside of the department through building and maintaining speaking, writing, facilitation and presentation skills.  
• Develops and maintains knowledge, experience, skills and certifications expected for the position and level including completing personal development plans established.Adheres to SRP and Corporate Audit Services department policies, practices, and procedures.