IT Audit Consultant

Duke Energy makes life better for millions of people every day by providing electric and gas services in a sustainable way – affordable, reliable and clean.

The IT Audit Consultant will serve as a member of the Corporate Audit Services Department of Duke Energy. This position will be based in Charlotte, NC. Some travel will be required, up to 15% annually. This position will report administratively to an IT Audit Manager, but will work in a matrix environment for increased career growth and diversity.

Major accountabilities include but are not limited to:

• Work within a collaborative, team environment and contribute to the successful execution of IT-related audits, including delivering high quality audit documentation and audit deliverables
• Gather and analyze data, using reasoning and logic, and draw appropriate conclusions.
• Monitor and track the status of post-audit action plans and perform follow-up procedures to validate implementation and risk mitigation
• Build and maintain effective relationships with audit customers
• Develop and maintain current knowledge of matters impacting IT, the energy industry, and the company

Basic/Required Qualifications

• Bachelors or Masters degree in Computer Science, Management Information Systems, Business Administration, Accounting, Engineering, Economics or other IT-related discipline
• One (1) or more years of IT audit experience or technical IT work experience in areas such as network security, operating systems, databases, or business applications

Desired Qualifications

• Holds or is working towards a Certified Information Systems Auditor, Certified Information Systems Security Professional, Certified Information Privacy Professional, Project Management Professional, Professional Engineer, or Certified Fraud Examiner certification
• Advanced degree, such as an MBA or Masters in Information Security
• Prior IT audit experience in a professional services firm or fortune 500 company
• Demonstrated ability to communicate clearly, concisely, and accurately using oral and written communications
• Ability to reason logically, analyze data presented, evaluate the impact of information collected, and draw appropriate conclusions
• Demonstrated ability to develop and maintain good working relationships with internal and external customers
• Ability to assess and determine risk impacts
• An understanding of system development life cycle
• Advanced knowledge in relevant information technology field such as Active Directory, Windows/UNIX, databases (Oracle, SQL, DB2), application development/system development life cycle, network security, NERC CIP, PeopleSoft or Maximo.
• Demonstrated functional audit knowledge and ability to apply auditing protocols