Senior IT Audit Consultant

Duke Energy makes life better for millions of people every day by providing electric and gas services in a sustainable way – affordable, reliable and clean.

The Senior IT Audit Consultant will serve as a member of the Corporate Audit Services Department of Duke Energy. This position will be based in Charlotte, NC.
Some travel will be required, up to 15% annually. This position will report administratively to an IT Audit Manager, but will work in a matrix environment for increased career growth and diversity.

• Work within a collaborative, team environment and contribute to the successful execution of IT-related audits and consulting engagements, including delivering high quality audit documentation and audit deliverables
• Plan and execute risk-based IT audit assignments with minimal supervision, including oversight of the day-to-day activities of assigned audit staff personnel, where applicable
• Gather and analyze data, using reasoning and logic, to develop test strategies and draw appropriate conclusions
• Evaluate the design and effectiveness of processes with an appropriate level of professional skepticism
• Build and maintain effective relationships with audit customers including various levels of management
• Participate in annual risk assessment processes, including the identification of key risks across the enterprise and development of the annual audit plan
• Exhibit a sense of urgency in completing assigned tasks for audits, initiatives and other department projects in accordance with prescribed milestones
• Monitor and track the status of post-audit action plans and perform follow-up procedures to validate implementation and risk mitigation
• Develop and maintain current knowledge of matters impacting IT, the energy industry, and the company

• Basic Qualifications

  • Bachelors or Masters degree in Computer Science, Management Information Systems, Business Administration, Accounting, Engineering, Economics or other IT-related discipline
  • Three (3) or more years of IT audit experience or technical IT work experience in areas such as network security, operating systems, databases, or business applications

• Desired Qualifications

  • Holds a Certified Information Systems Auditor, Certified Information Systems Security Professional, Certified Information Privacy Professional, Project Management Professional, Professional Engineer, or Certified Fraud Examiner certification
  • Advanced degree, such as an MBA or Masters in Information Security
  • Prior IT audit experience in a professional services firm or fortune 500 company
  • Demonstrated ability to communicate clearly, concisely, and accurately using oral and written communications with various levels of management
  • Demonstrated ability to reason logically, analyze data presented, evaluate the impact of information collected, and draw appropriate conclusions
  • Demonstrated ability to develop and maintain good working relationships with internal and external customers
  • Demonstrated ability to assess and determine risk impacts
  • An understanding of system development life cycle
  • Advanced knowledge in relevant information technology field such as Active Directory, Windows/UNIX, databases (Oracle, SQL, DB2), application development/system development life cycle, network security, NERC CIP, PeopleSoft or Maximo.
  • Demonstrated functional audit knowledge and ability to apply auditing protocols