2023 IT Audit Consultant Spring Intern

Position Summary

This is a role for individuals who are interested in pursuing a career in professional services, specifically in the field of Information Technology (IT) Audit. IT Audit Staff will focus on developing skills, building their technical skill base, understanding and executing diligent client service, and becoming oriented to the Firm's practices, policies, and culture. Work is performed under close supervision. Responsibilities increase with demonstrated skill.

The Technology Risk and Compliance (TRC) major service offerings include IT Audit, SOC1, SOC2, PCI, HIPAA, and cybersecurity initiatives. In addition, TRC supports financial statement audit teams and internal audit teams with documenting and testing IT controls. The IT Audit intern will assist the TRC team in gaining an understanding of client environments, IT risks, controls to address those risks, and testing of the design and operating effectiveness of those controls.

Experience or a major in Information Technology is not required, but candidates should have an interest in IT and controls.

**This role can sit in St. Louis, MO or Remotely  

Tasks

* IT Audit engagements: Basic audit acumen is needed, including the ability to grasp concepts quickly and demonstrate knowledge of basic technical skills, as well as related knowledge of common systems and procedures.

* Communication skills: IT auditors need strong technical and business communication skills. IT auditors need to speak the language of all stakeholders so they can translate complex technical problems into quantifiable business decisions.

* Ability and willingness to train others in general IT audit skills: Because much of what IT consultants learn is through on the job training, IT consultants must be able to train coworkers and subordinates in the fast-paced environment of IT consulting.

* The ability to understand new technologies in a short-time period: With the accelerated development of new technologies and increasing sophistication of hackers, IT auditors must be able to stay on top of the most current trends.

* Decision making: IT auditors are expected to make well-thought-out decisions and consider all facts prior to making final conclusions.

* Regulatory standards: IT auditors are expected to follow regulations and professional ethics standards bodies, such as the AICPA.

* Time keeping: Auditors are expected to track time and maintain designated chargeable hours for the year.

* Quality control: Auditors are expected to ensure quality control procedures are being executed under direction of engagement supervisor, and perform thorough self-review of all work prior to submission.

Skills

• Active Listening - Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.
• Reading Comprehension - Understanding written sentences and paragraphs in work related documents.
• Speaking - Talking to others to convey information effectively.
• Writing - Communicating effectively in writing as appropriate for the needs of the audience.
• Social Perceptiveness - Being aware of others' reactions and understanding why they react as they do.
• Mathematics - Using mathematics to solve problems.
• Computer Skills – Ability to operate spreadsheet, word processing and email programs.

Experience and Education

• Pursuing a Bachelor in Accounting, Information Systems, or similar with an interest in IT Audit
• Demonstrate knowledge of basic business, technology, and audit principles/standards

Must have a desire to work toward achieving one or more of the following in the future:

• Certified Public Accountant (CPA)
• Certified Information Systems Auditor (CISA): ISACA's globally recognized cornerstone certification for IS, audit, control, assurance, and security professionals who control, monitor, and assess an organization's information technology and business systems. This is considered the current industry standard for IT auditors.
• Certified Information Systems Security Professional (CISSP): An independent information security certification governed by the International Information Systems Security Certification Consortium, also known as ISC², which provides security training to information assets.
• Certified Information Security Manager (CISM): ISACA's certification program for those who manage, design, oversee, or assess an enterprise's information security.