F5 Senior IT/Cyber Auditor 

United States, Washington, Seattle 

714868805

PrimaryResponsibilities:

• Assist in defining scope, approach, and project-specific risks for IA engagements included in the annual audit plan, contributing to annual risk assessments and audit plan development.
• Plan, document, and conduct complex audit assignments and projects, executing all aspects of IA projects independently and/or as a part of a team, with management input and oversight.
• Assist with special audits, consulting projects, and other assignments as requested.
• Develop an awareness of changes in IT audit practices, regulatory requirements, and IT Risk frameworks to understand their impact on auditing (e.g., NIST CSF/RMF, NIST 800-53/FedRAMP, NIST 800-218, NIST 800-161, Cloud Shared Responsibility Model, IaaS/PaaS/SaaS service models, Cloud Security Alliance (CSA), COBIT, ISO/IEC 270xx, PCI-DSS, SOC 2, etc.)
• Develop knowledge of policy, procedures, internal control concepts, and best practices to assess policy compliance, control design and effectiveness, and adherence to best practices.
• Build relationships with key stakeholders across F5, providing valuable business support as a trusted advisor on processes, risks, and controls prior to key process/system implementations.
• Conduct stakeholder interviews (to include observation, testing, and documentation) and audit fieldwork in accordance with IA department standards;
• Identify, document, and communicate issues, recommendations, and process improvement opportunities; and review/draft clear, concise IA findings and reports to present to management.
• Partner with IA stakeholders to develop corrective action plans
• Manage multiple projects concurrently and meet timely targets for assigned projects
• Develop skills to lead audit engagements and coach other auditors.
• Perform SOX IT General Controls (ITGC) testing of key IT and automated business processes, as required, in collaboration with IT Compliance and External Audit. Test key reports for accuracy and completeness via validation of report logic, source data, and input parameters.
• Maintain a concern for IA process improvement with a focus on methodology and execution, cost savings opportunities, and leveraging data analytics to provide valuable insights into the risk assessment and audit plan development process.

Other Responsibilities:

• Uphold F5’s Business Code of Ethics and model the Be F5/Lead F5 Behaviors.
• Promptly report violations of the Code or other company policies.
• Adhere to IIA standards and perform other related duties as assigned.

Knowledge, Skills, and Abilities:

• Understanding of internal control concepts and experience in applying them to plan, perform, manage, and report on the evaluation of various business processes, areas, and functions.
• Experience auditing and evaluating ITprojects/programs/systems(e.g., SDLC reviews), infrastructure, cybersecurity risks/controls and operating systems (Oracle experience is a plus)
• Must be able to work independently with limited direction, see the big picture while maintaining a strong attention to detail, and work on multiple projects with varying team members.
• Strong understanding of internal auditing standards, COSO/COBIT, risk assessment practices, technical aspects of accounting and financial reporting, and regulatory compliance.
• Strong interpersonal, organizational, and planning skills, with unquestionable ethics/integrity
• Strong communicator with the ability to disseminate issues via written reports and verbal discussions, document results, and prepare/present audit reports to peers and management.

Qualifications:

• BA/BS from an accredited university in MIS/IT/CS, business, finance, cybersecurity, or a related field (or equivalent education and work experience)
• 5+ years of IT audit,InfoSec/cybersecurity,and/or IS/IT experience in a public accounting firm or public company with a focus on security, privacy, ERM, GRC, and controls
• CISA / CISSP (preferred), CIA, CPA, CCSP, CISM
• IT auditing skills with familiarity in at least one of the following areas: Cyber Security including auditing an ISO 27001 ISMS; data analytics, Robotic Process Automation (RPA), system development & testing; UNIX; Windows; Oracle, SQL (Technology industry experience is a plus)
• Strong interpersonal skills to communicate effectively – both written and verbally – with technical and non-technical audiences and work with all levels of management.
• Exceptional organizational/time management skills, attention to detail, and diligence are required to document thought processes, validate assertions with logic, deliver quality work consistently, and adjust your approach as required based on management feedback.
• Ability to work a flexible schedule during key business deadlines.

Physical Demands and Work Environment:

• Duties are performed in a normal office environment while sitting at a desk/computer table
• Duties require the use of a computer, communication by phone, and reading printed material.
• Duties may require travel via car/plane, lifting up to 50lbs, and work outside of standard hours.

Benefits:

• Comprehensive medical, dental, and vision coverage; 401K with company match
• Generous paid vacation time, paid holidays and paid parental leave
• Quarterly Wellness Weekends to focus on personal and professional growth
• Global Good initiatives like employee matching, volunteering, and F5 Foundation
• Additional benefits include free transit cards, free vanpools, Social Thursdays, etc.
• Work/life integration programs like Freedom to Flex, dynamic employee inclusion groups, a comprehensive mentoring program, and rewards/recognition
• Tuition assistance for professional development

The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.

The annual base pay for this position is: $91,334.00 - $137,002.00