IT Audit / Risk Control
Company: System One
Location: Pittsburgh
Posted on: June 24, 2025
|
|
|
Job Description:
Job Title: IT Audit / Risk Control Location: Pittsburgh,
Pennsylvania Type: Direct Hire no visa sponsorship, no candidates
with temporary work authorizations, no recent college graduates For
immediate consideration, please connect with me on LinkedIn at
https://www.linkedin.com/in/dpotapenko and then email your resume,
work authorization status, current location, availability, and
compensation expectations directly to denis.potapenko@systemone.com
- make sure to include the exact job title and job location in your
email message. IT Audit & Assurance : - Conduct risk-based audits
over IT infrastructure, cybersecurity, application controls, and
third-party services. - Evaluate the design and effectiveness of IT
General Controls (ITGCs), including access management, change
management, and backup/recovery processes. - Develop and execute
audit programs aligned with NIST, FFIEC, ISO 27001, SOX, and COSO
frameworks. Risk Governance : - Establish and manage risk
governance frameworks to monitor emerging technology risks. - Lead
risk and control self-assessments (RCSAs) across technology and
business units. - Interface with board-level committees and
executive leadership on key risk indicators (KRIs) and risk
appetite reporting. Enterprise Risk Management (ERM) Audits : -
Perform ERM audits evaluating strategic, operational, regulatory,
and reputational risks. - Support enterprise-level risk assessments
and annual audit planning. - Recommend actionable enhancements to
enterprise-wide risk policies, risk taxonomy, and reporting
standards. Internal Controls & Compliance : - Design, test, and
validate internal controls over financial reporting (SOX 404
compliance). - Review policy and procedure documentation to ensure
alignment with corporate governance standards. - Lead remediation
efforts for control deficiencies and audit findings. Third-Party
Risk Management : - Assess third-party vendors’ security controls,
compliance standards, and operational resilience. - Conduct due
diligence reviews - KY3P, Archer GRC, ServiceNow GRC For immediate
consideration, please connect with me on LinkedIn at
https://www.linkedin.com/in/dpotapenko and then email your resume,
work authorization status, current location, availability, and
compensation expectations directly to denis.potapenko@systemone.com
- make sure to include the exact job title and job location in your
email message. M1 LI-DP1 . Ref: 404-IT Pittsburgh
Keywords: System One, Altoona , IT Audit / Risk Control, IT / Software / Systems , Pittsburgh, Pennsylvania
