Senior It Auditor

Moody’s is a developmental culture where we value candidates who are willing to grow. So, if you are excited about this opportunity but don’t meet every single requirement, please apply! You may be a perfect fit for this role or other open roles.

Moody's is a global integrated risk assessment firm that empowers organizations to make better decisions.

At Moody’s, we’re taking action. We’re hiring diverse talent and providing underrepresented groups with equitable opportunities in their careers. We’re educating, empowering and elevating our people, and creating a workplace where each person can be their true selves, reach their full potential and thrive on every level. Learn more about our DE&I initiatives, employee development programs and view our annual DE&I Report at moodys.com/diversity

The Role / Responsibilities:

• Application of Knowledge of Controls (including IT controls): Maintains an understanding of the financial, operational, cyber, and technology processes, risks and controls related to Moody's business. Ability to identify key risks and leading practices for the area under review. Develops test steps for the area under review commensurate with the nature of risk and risk levels. Demonstrates ability to identify potential issues and support these with data, prepare draft audit reports and communicate with stakeholders within and outside of the IA department.
• Strong technical knowledge: Demonstrates understanding of controls across different technologies and IT infrastructure. Maintains curiosity and exercises professional scepticism, and upholds and promotes professional ethics.
• Manages audit lifecycle: Proactively manages the end-to-end audit lifecycle, including scoping and timelines, information gathering, documentation, tests of design and operating effectiveness, and reporting. Performs audit projects in accordance with departmental and Institute of Internal Auditors standards.
• Data Analytics: Continuously expands knowledge of data analytics and use of technology to enhance audit testing, identify opportunities for continuous monitoring and repeatable test plans. Capable of performing intermediate level data analytics functions within Excel or equivalent applications (e.g. PowerBI, Tableau, etc)
• Critical thinking: Applies process analysis, business intelligence, and problem solving techniques when planning an audit, performing walkthroughs, and identifying effective test steps. Assists in developing the “why do we care” statements for audit issues and collaborates with stakeholders and project team to develop meaningful recommendations for the audit projects.
• Effective communication: Develops relationship with audit stakeholders and aligns audit projects based on stakeholders’ objectives of the area under review.

Qualifications:

• Bachelor's degree or higher, preferably in computer science, computer engineering, information technology, information systems, or similar.
• Obtained or pursuing CISSP, CISA or equivalent professional qualification. CPA, ACA or CIA qualified candidates with an experience in auditing processes in IT environment.
• At least 3 years experience in a Big 4 Accounting firm and/or a global organization in an audit, risk or controls role.
• Experience in performing assurance related work over software development, SaaS solutions, secure coding and cloud and data processes. Working knowledge in these areas through other roles (e.g. compliance, risk management, consulting) within the fintech space or software and technology companies are also valuable.
• Knowledge of internal controls, internal control frameworks and risk standards (e.g. COSO, COBIT, ISO, NIST, etc.), Sarbanes Oxley Act, and financial systems and related technology.
• Awareness of regulations pertaining to the financial services and/or fintech industry would be beneficial
• Knowledge of IT infrastructure controls (servers, databases, firewalls, etc.) and stays abreast of emerging technology trends (e.g. cloud, agile, AI)
• Experience in Application Controls and IT General Controls relating to SDLC (including Agile and DevOps/DevSecOps), access/cyber, data security and integrity
• Proficiency in Microsoft Office suite.
• Ability to work both independently and as a member of a team in a fast-paced environment and handle multiple tasks simultaneously.
• An ideal candidate should be innovative, results oriented and should be able to demonstrate strong communication, interpersonal, persuasion, team management, project management and critical thinking skills.
• Fluent in written and spoken English.

Moody's is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody's Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.
For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet
Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee's tenure with Moody's.