Culver City, CA
Sr. IT Auditor, Risk and Control Department
Accountable for completing areas assigned for a wide range of information technology (IT), integrated SOX audits and ad-hoc projects at Risk and Control Department responsible for SPE's global operations. Working closely with Audit Managers and Directors of Risk and Control Department at SPE.
• Assist the Manager and/or Director in completing audit planning.
• Complete assigned areas for audits, SOX, and projects. Work closely with the Manager and/or Director to address any questions and issues timely.
• Complete assigned tasks by the provided deadlines. Communicate any delays to the Manager and/or Director.
• Test key controls and identify when there are control weaknesses (in the design or operating effectiveness of the control) or control gaps.
• Execute audit test plans (narrative, walkthrough, testing as applicable) for assigned areas effectively and timely, and keep the Manager and/or Director informed on status and progress.
• Assist in prepare audit reports that accurately summarize the most significant control weaknesses and resulting impacts to the organization.
• Occasionally assist operations team in financial audits.
• Identify issues or SOX deficiencies for the areas assigned to you, including ensuring that issues and SOX deficiencies are adequately supported and confirmed.
• Prepare thorough and well-organized workpapers.
• Continuously update the Manager and/or Director about the status of the audit areas you are assigned to.
• Minimum 3-5 years of experience in IT audit or relevant experience.
• Competencies around auditing IT applications and platforms such as operating systems (Windows, Linux), applications (SAP) and databases (Oracle, DB2, MS SQL), etc.
• Experience with data analytics (and tools).
• Working knowledge of:
• IT governance and delivery frameworks such as COBIT, ISO, NIST and ITIL.
• Cloud environments including SaaS, IaaS, PaaS, architecture/design, automation, system configurations, security and auditing.
• Networking, including architecture/design, TCP/IP protocol layers, Routing/Switching, wireless networking, VLANs, intrusion detection/prevention (IDS/IPS), firewalls, DNS and VPN.
• Windows operating system and Active Directory security, including users & groups, Group Policy, domain structures, security and auditing.
• UNIX / Linux operating system security, including users & groups, system configurations, file permissions, privileged accounts, password controls, security and auditing.
• Vulnerability assessment, network, security and database and IT auditing tools
• Foreign language proficiency a plus.
• Media or Entertainment industry experience is also a plus.
• Bachelor's degree in Computer Science, Computer Information Systems, or a related field is required.
• Certification such as CISSP or CISA is preferred, and other information technology certifications such as GIAC, CEH, CCNA and MCSE are a plus.
USA - Culver City - Studio Lot - CA01
Jobcode: Reference SBJ-g6z840-3-236-117-38-42 in your application.
Sony Pictures' global operations encompass motion picture production, acquisition and distribution; television production, acquisition and distribution; television networks; digital content creation and distribution; operation of studio facilities; and development of new entertainment products, services and technologies.