Internal Compliance Auditor

Location: Denver, CO

Position Summary

To protect company assets by developing and maintaining company policies and procedures; completing and/or assisting with internal and external SSAE 16 and PCI audits; ensuring compliance with regulations and internal controls; recommending improvements in internal control structure.

What You Are Accountable For

  • Compliance with PCI

  • Compliance with SSAE 16 SOC 2 Type 1,2

  • Ensuring internal and external policies are understood, enforced, and followed

  • Working with management and/or external auditors to create compliance reports

Knowledge, Skills, & responsibilities

  • Demonstrate and apply a thorough understanding of complex information systems and network technologies.

  • Broad exposure to internal audit operations, including performance of risk analysis, analytical reviews of data and development of audit programs.

  • Document business processes, identifying controls and control gaps, testing controls, documenting results of tests and management action plans.

  • Work closely with Director of Compliance and IT management to identify enterprise risks relevant to the organization.

  • Supports external auditors by coordinating information requests for PCI and SOC audits.

  • Work with Director of Compliance to prepare written audit reports.

  • Communicates with stakeholders regarding audit findings and relevant issues and manages periodic status meetings.

  • Delivers recommendations that provide management with insight into best practices and opportunities for increased efficiencies.

  • Performs vendor reviews and assists with vendor management and vendor audits, as needed.

  • Develops positive working relationships with management and control owners to foster an environment of open communications where Compliance is a trusted advisor.

  • Maintains knowledge of changes to best practices in IT process controls and auditing techniques to continuously improve internal compliance audit practices.

Education & Experience

  • Bachelor's degree from an accredited college or university required. Major in accounting or information technology field strongly preferred. CISA designation strongly preferred. Additional professional certifications (i.e. CISSP, CPA, CIA, CMS) and/or MBA desired. 

  • At least 3 years of IT audit, information security or combination of roles with audit execution experience.