24 Hour Fitness, INC. Sr. IT Auditor (Remote) in Carlsbad, California
LOCATION 1265 Laurel Tree Lane Suite 200 Carlsbad CA 92011
The Senior IT Internal Auditor assists with the coordination, planning and execution of Internal Audit projects and ongoing internal control initiatives within the Company and in accordance with annual IA plan approved by the Audit Committee of the Board of Directors.
This position will be actively involved in and play a leadership role in Internal Controls Over Financial Reporting (ICFR) with an emphasis on IT General Controls (ITGCs), business and operational process reviews, and re-engineering efforts designed to ensure scalable long-term solutions to support Company growth model. The Senior IT Auditor will be a technical expert for IT audit and internal control-related activities with specialized experience in current audit and internal controls best practices.
The position directly supports the continued integration and alignment of the compliance function, as well as proactively partnering with various business functions on identifying value-added business improvements to increase company profitability while mitigating risk.
ESSENTIAL DUTIES & RESPONSIBILTIES Estimated % of Time Spent
Execute Annual Internal Audit Plan as Approved by Audit Committee of Board of Directors
Internal Controls Over Financial Reporting (SOX) (90%) :
Lead IT SOX compliance effort by reviewing existing documentation, assessing design, refining documentation, recommending improvements and developing remediation plans (design assessment).
Lead ongoing SOX IT compliance effort including testing of controls across all in-scope applications (and underlying layers) and business process application controls for reliance by external auditors and management's assessment.
Perform detailed internal audit review procedures and partner the IA department and evaluation of documentation standards to meet external audit reliance strategy.
SOX project management including budget to actual analysis and performing timely status updates to comply with Company SOX objectives.
Developing and tracking remediation plans across various business owners and providing timely update reporting
Remain abreast of IT security and ICFR developments including but not limited to SEC, PCAOB, COSO, PCI DSS, and Cyber Security trends.
Internal Audit Projects :
Play a lead role during key process re-engineering and/or system implementation efforts to ensure SOX compliance, working closely with process owners and outside consultants/service providers (as required).
Plan and conduct complex IT integrated audit projects and operational review procedures, including but not limited to PCI/PII, Business Continuity/ Disaster Recovery, continuous monitoring procedures, providing recommendations to increase efficiency, improve control environment and to ensure compliance with company policies and procedures and/or applicable laws and regulations.
Partner with cross-functional compliance department and key business partners in providing insight and root-cause analysis based on detailed review and evaluation of large data sets.
Assist with refining current exception reporting framework, standardizing reporting/ benchmarking and triangulation of data across various internal and external systems and processes (increasing reporting efficiency through automation).
Assist with development of annual internal audit plan.
Prepare draft reports and recommendations.
Compliance and Business Integration (10%) :
Establish partnering relationships with various business functions (corporate and field), seeking to innovate and proposing recommendations for value-added improvements (e.g., best practices, cost avoidance and profit enhancement opportunities).
Provide leadership on continued efforts to integrate and align cross-functional ongoing monitoring procedures for compliance department.
This position interfaces with Finance and IT Departments. The position also interfaces regularly with other operational departments, and other business functions and third-party outsourced service providers. Reports to VPInternal Audit & Compliance.
Knowledge, Skills & Abilities
Extensive knowledge of IT controls and best practices (ICFR and PCAOB standards )
Advanced knowledge of the COSO frameworks, including principles and points of focus
Extensive knowledge of audit methodologies and documentation standard
Extensive knowledge of industry trends, IT security, and controls within applications, IT systems, servers, and IT Processes
Advanced understanding in the following areas: IT General Controls (ITGCs), IT Security, PCI DSS, SDLC, and Project Management
Knowledge of IT frameworks, standards and best practices (e.g. COBIT, ITIL, etc.)
Retail / PCI industry experience a plus
Proficient in MS Office skills (advanced skills in VBA and Access required)
Communication and Management Skills:
Excellent organizational skills
Outstanding leadership skills and ability to influence change
Strong initiative and assertiveness
Goal oriented and a team player
Ability to multi-task
Strong analytical and problem-solving skills
Written and verbal communication skills
Ability to work independently in a fast-paced growth environment
Minimum Educational Level/Certifications
- Bachelor's Degree in Information Systems, Computer Science, Accounting, Finance or related field.
Minimum Work Experience and Qualifications
5+years years of experience; preferably including 2 years as a senior associate for a Big 4 firm, a large regional accounting firm or as an internal audit senior associate
Master's degree in related field preferred
Physical Demands/ Environmental Conditions
Telephone usage to communicate with internal and external customers.
Sitting: frequent sedentary work.
Viewing computer monitor: average, ordinary visual acuity necessary to prepare document, enter data into computer system, read reports and from computer monitor
Keyboarding: use of fingers to make small movements such as typing.
Work is performed in a normal business office environment. Extended workdays are a frequent occurrence.
Based out of Corporate office in Carlsbad, CA and may involve some local travel to club/field locations (depending on Internal Audit project scope) -- up to 5% of time.
Knowledge, Skills & Abilities
- ACL or other data mining software experience/knowledge.
CISA, CISSP, CIA or CPA
Licenses or certifications related to internal audit and compliance
Work Experience and Qualification
Big Four Public Accounting experience
SOX experience with public company
Business process re-engineering experience and/or System Implementation
Experience in retail industry or multi-unit environment
DISCLAIMER: The above statements are intended to describe the general nature and level of work being performed by incumbents assigned to this job. This is not intended to be an exhaustive list of all the responsibilities, duties and skills required. The incumbent may be expected to perform other duties as assigned. This job may be reviewed as duties and responsibilities change with business necessity.
COMPLIANCE & INTEGRITY: Consistently supports compliance and Workplace Conduct by maintaining the privacy and confidentiality of information, protecting the assets of the organization, acting with ethics and integrity, reporting non-compliance, and adhering to applicable federal, state and local laws and regulations, accreditation and licensure requirements (if applicable), and 24 Hour Fitness' policies and procedures.
All Directors, Managers and Supervisors are accountable for communication, implementation, enforcement, monitoring and oversight of compliance policies and practices in their departments.
SERVICE & QUALITY: In addition to defined technical requirements, accountable for consistently demonstrating service behaviors and principles defined by 24 Hour Fitness as well as specific departmental/organizational initiatives. Also accountable for consistently demonstrating the knowledge, skills, abilities, and behaviors necessary to provide superior and culturally sensitive service to member and team members, contracted providers and vendors.
WORKPLACE SAFETY: In addition to defined working conditions and physical requirements, employees are accountable for working safely; following established policies & procedures; and reporting all injuries and hazards to their supervisor immediately.
Supervisors and Managers are accountable for ensuring the safety performance of employees; applying consistent practices in compliance with federal, state and local regulations; providing guidance to maintain a safe and healthy work environment.
FUNCTIONAL GROUP Corporate Operations