• IT Auditor, I-sr.

    TXNM Energy (Albuquerque, NM)


    IT Auditor, I-sr.

     

    Job ID: 6088831

     

    Date Posted:Apr 23, 2025

    POSTING DEADLINE

    This position is posted until filled.

    DEPARTMENT

    Department: Audit Services

    PREFERENCES

    -** **CISA, CPA, CMA, CFE, CIA, or other certification is preferred.

     

    -** **Sarbanes-Oxley Act (SOX) experience preferred

    JOB DESCRIPTION

    Sr IT Auditor

     

    Salary Grade: G05

     

    Minimum Midpoint Maximum

     

    $86,016 - $116,120 - $146,226

     

    Given the financial nature of this position, this position has been defined as a position requiring a credit check. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a credit background check.

    SUMMARY:

    Under minimal supervision, performs internal audits, detailed evaluations internal control reviews of information systems, platforms and operating procedures in accordance with corporate standards for efficiency, accuracy, security and regulatory compliance including Sarbanes Oxley compliance.

    ESSENTIAL DUTIES AND RESPONSIBILITIES:

    Plans, leads, and executes Information Technology (IT) audit projects and the IT portion of integrated audits (other financial, operational, and compliance projects with an IT subfocus) using a thorough understanding of audit methodologies and processes (e.g., COSO, COBIT)

     

    Leads or assists in the execution of SOX compliance auditing of the IT General Controls (ITGCs), including the evaluation of the design of these SOX controls, the completion of ITGC SOX walk-throughs, and testing the effectiveness of ITGC SOX controls

     

    Designs, develops and performs data analytic routines using computer-assisted auditing techniques and analyze data requirements to support technical components of detailed audit testing and planned and needed

     

    Assists and trains other audit staff in the use of computer-assisted audit techniques, and in developing methods for review and analysis of computerized information systems

     

    Performs annual IT Risk Assessments; utilizes proficiency in IT infrastructure and IT auditing, evaluates IT infrastructure in terms of risk to the organization and evaluates controls in order to recommend improvements to current risk management controls

     

    Works with Internal Audit management, external auditor, and IT management to develop a risk-based Internal IT audit strategy that complies with professional standards (e.g. IIA, ISACA, GAAS, GAAP), including the requirements of Sarbanes-Oxley Act section 404

     

    Professionally represents the internal audit department when interacting with all levels of company personnel, external auditors and management

     

    Using proficiency in IT infrastructure, IT auditing and auditing methodologies and processes, evaluates IT infrastructure in terms of risk to the organization and evaluates controls in order to recommend improvements to current risk management controls

     

    Assists with efforts to evaluate system access, segregation of duties and evaluates the company¿s cyber security strategies and processes

     

    Consults, from an audit perspective, on new systems development/implementation projects

     

    Consults on IT systems compliance, business process optimization, profit improvement, internal control reviews and various risk assessment and security issues

     

    Conducts special studies as needed to discover root-cause deficiencies in IT systems and/or processes

     

    Recommends controls for prevention and/or system improvements

     

    Prepares reports of findings for senior management and/or Board of Director inquiries

     

    Conducts large-scale audits on any or all Electronic Data Processing (EDP) systems in response to Integrity Line calls, management directives, or other avenues of allegation or disclosure

    COMPETENCIES:

    Ability to gather, consolidate, analyze, and draw conclusions on the subject matter under consideration

     

    Knowledge of risk and internal controls specific to information technology, including but not limited to those risks and controls specific to system implementation / change management

     

    Knowledge of and ability to utilize computer aided auditing tools (CAAT)

     

    Knowledge of and ability to perform data mining and/or data analytics

     

    Thorough knowledge of and ability to apply generally accepted auditing standards (GAAS) and generally accepted accounting principles (GAAP)

     

    Proficiency in the use of statistical sampling methods and techniques

     

    Ability to coordinate and lead the work of others, either as individual contributors or in a project setting

     

    Ability to perform thorough risk assessments of various processes and departments

     

    Ability to gather and analyze information skillfully and develop alternative solutions

     

    Professionalism and strong client and team relationships

    QUALIFICATIONS

    MINIMUM EDUCATION AND/OR EXPERIENCE:

    Bachelor¿s degree in Business Administration in Information Systems, Accounting, Finance, MIS or related field plus six to seven years of related experience, to include three to four years experience specific to IT audit, or equivalent combination of education and/or experience related to the discipline.

    CERTIFICATES, LICENSES, REGISTRATIONS:

    Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA) or Certified Public Accountant (CPA), certification required. Progress towards certification may be considered.

    COMMUNICATION SKILLS:

    Strong written and oral communication skills

     

    Ability to interact with all levels of company personnel, external auditors and management

     

    Ability to write routine reports and correspondence

     

    Ability to speak effectively before groups of customers or employees of organization

     

    Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals

    MATHEMATICAL SKILLS:

    Ability to work with mathematical concepts such as probability and statistical inference

     

    Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations

    COMPUTER SKILLS:

    Knowledge of and ability to use audit management software and electronic work-paper systems

     

    In depth knowledge of Microsoft Office suite including advanced knowledge with Excel, Access and Word

     

    Knowledge of Visio, ACL, IDEA and other computer aided auditing tools

    ANALYSIS AND PROBLEM-SOLVING ABILITY:

    Ability to solve practical problems and deals with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in

     

    written, oral, diagram, or schedule form. Ability to gather, consolidate, analyze, and draw conclusions on the subject matter under consideration having a proficiency in the use of statistical sampling methods and techniques.

    PHYSICAL DEMANDS:

    While performing the duties of this job, the employee may be regularly required to sit up to 2/3 of the time and lift and/or move up to 10 pounds.

    WORK ENVIRONMENT:

    Office environment.

    JOB DESCRIPTION

    IT Auditor

     

    Salary Grade: G06

     

    Minimum Midpoint Maximum

     

    $74,796 - $100,975 - $127,152

     

    Given the financial nature of this position, this position has been defined as a position requiring a credit check. Prior to being hired, promoted, or transferred into the position, the candidate must successfully pass a credit background check.

    SUMMARY:

    Under general supervision, performs internal audits, detailed evaluations, internal control reviews of information systems, platforms, and operating procedures in accordance with corporate standards for efficiency, accuracy, security and regulatory compliance including Sarbanes Oxley compliance.

    ESSENTIAL DUTIES AND RESPONSIBILITIES:

    Plans, and executes Information Technology (IT) audit projects and the IT portion of integrated audits (other financial, operational, and compliance projects with an IT sub focus) using a thorough understanding of audit methodologies and processes (e.g., COSO, COBIT)

     

    Leads or assists in the execution of SOX compliance auditing of the IT General Controls (ITGCs), including the evaluation of the design of these SOX controls, the completion of ITGC SOX walk-throughs, and testing the effectiveness of ITGC SOX controls

     

    Designs, develops, and performs data analytic routines using computer-assisted auditing techniques and analyze data requirements to support technical components of detailed audit testing.

     

    Assists and trains other audit staff in the use of computer-assisted audit techniques, and in developing methods for review and analysis of computerized information systems

     

    Performs annual IT Risk Assessments; utilizes proficiency in IT infrastructure and IT auditing, evaluates IT infrastructure in terms of risk to the organization and evaluates controls in order to recommend improvements to current risk management controls

     

    Works with Internal Audit management, external auditor, and IT management to develop a risk-based Internal IT audit strategy that complies with professional standards (e.g., IIA, ISACA, GAAS, GAAP), including the requirements of Sarbanes-Oxley Act section 404

     

    Professionally represents the internal audit department when interacting with all levels of company personnel, external auditors and management

     

    Using proficiency in IT infrastructure, IT auditing and auditing methodologies and processes, evaluates IT infrastructure in terms of risk to the organization and evaluates controls in order to recommend improvements to current risk management controls

     

    Assists with efforts to evaluate system access, segregation of duties and evaluates the company¿s cyber security strategies and processes

     

    Consults, from an audit perspective, on new systems development/implementation projects

     

    Consults on IT systems compliance, business process optimization, profit improvement, internal control reviews and various risk assessment and security issues

     

    Conducts special studies as needed to discover root-cause deficiencies in IT systems and/or processes Recommends controls for prevention and/or system improvements

     

    Prepares reports of findings for senior management and/or Board of Director inquiries

     

    Conducts large-scale audits on any or all Electronic Data Processing (EDP) systems in response to Integrity Line calls, management directives, or other avenues of allegation or disclosure

    COMPETENCIES:

    Ability to gather, consolidate, analyze, and draw conclusions on the subject matter under consideration

     

    Knowledge of risk and internal controls specific to information technology, including but not limited to those risks and controls specific to system implementation / change management

     

    Knowledge of and ability to utilize computer aided auditing tools (CAAT) Knowledge of and ability to perform data mining and/or data analytics

     

    Thorough knowledge of and ability to apply generally accepted auditing standards (GAAS) and generally accepted accounting principles (GAAP)

     

    Proficiency in the use of statistical sampling methods and techniques

     

    Ability to perform thorough risk assessments of various processes and departments

     

    Ability to gather and analyze information skillfully and develop alternative solutions Professionalism and strong client and team relationships

    QUALIFICATIONS

    MINIMUM EDUCATION AND/OR EXPERIENCE:

    Bachelor¿s degree in business administration in Information Systems, Accounting, Finance, MIS or related field plus four to five years of related experience, to include one to two years¿ experience specific to IT audit, or equivalent combination of education and/or experience related to the discipline.

    CERTIFICATES, LICENSES, REGISTRATIONS:

    Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA) or Certified Public Accountant (CPA), certification preferred. Progress towards certification may be considered.

    COMMUNICATION SKILLS:

    Strong written and oral communication skills

     

    Ability to interact with all levels of company personnel, external auditors and management Ability to write routine reports and correspondence

     

    Ability to speak effectively before groups of customers or employees of organization

     

    Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals

    MATHEMATICAL SKILLS:

    Ability to work with mathematical concepts such as probability and statistical inference

    Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations COMPUTER SKILLS:

    Knowledge of and ability to use audit management software and electronic work-paper systems

     

    In depth knowledge of Microsoft Office suite including advanced knowledge with Excel, Access and Word Knowledge of Visio, ACL, IDEA and other computer aided auditing tools

    ANALYSIS AND PROBLEM-SOLVING ABILITY:

    Ability to solve practical problems and deals with a variety of concrete variables in situations where only limited standardization exists. Ability to interpret a variety of instructions furnished in

     

    written, oral, diagram, or schedule form. Ability to gather, consolidate, analyze, and draw conclusions on the subject matter under consideration having a proficiency in the use of statistical sampling methods and techniques.

    PHYSICAL DEMANDS:

    While performing the duties of this job, the employee may be regularly required to sit up to 2/3 of the time and lift and/or move up to 10 pounds.

    WORK ENVIRONMENT:

    Office environment.

     

    Employees in Services Company may be responsible for providing services to various Holding Company subsidiaries and affiliates.

    EQUAL OPPORTUNITY STATEMENT

    Safety Statement:

    Safety is a core value at (TXNM Energy/PNM/TNMP) and our vision, “everyone goes home safe”, reflects our commitment to promoting an environment conducive to learning, improving and building safety practices. Our safety value is built upon the belief that every employee deserves to work in an environment free from harm.

    Americans with Disabilities Act (ADA) Statement:

    TXNM Energy is committed to providing reasonable accommodations for qualified individuals with disabilities in compliance with the ADA. If you require assistance with the job application process due to a disability, please contact HR ADA Analyst, at 505-241-4627.

    DEI Statement:

    At TXNM Energy, we value the diversity of our workforce and actively seek opportunities for incorporating Diversity, Equity, and Inclusion (DEI) within our family of companies. We believe a diverse workforce enriches our environment and helps us better meet the needs of our employees, customers, and shareholders. We remain committed to attracting and sustaining a diverse workforce and retaining high-performing employees who work collaboratively to carry out the Company's purpose.

     

    TXNM Energy and affiliates are Equal Opportunity/Affirmative Action employers. Women, minorities, disabled individuals and veterans are encouraged to apply.