IT Auditor

Our Company

Explore how you can contribute at AmeriLife.

For over 50 years, AmeriLife has been a leader in the development, marketing and distribution of annuity, life and health insurance solutions for those planning for and living in retirement.

Associates get satisfaction from knowing they provide agents, marketers and carrier partners the support needed to succeed in a rapidly evolving industry.

Job Summary

**Job Description**:
Job Title: IT Auditor

Description:
We are seeking a skilled and experienced IT Auditor to join our team. The IT Auditor will be responsible for responding to IT audits and other requests for information about the company’s and its affiliates’ IT security controls, and evaluating the effectiveness, efficiency, and security of information technology systems and infrastructure within our organization. This role involves assessing internal controls, identifying areas of risk, and recommending improvements to enhance the overall security and functionality of our IT environment.

Job Specific Duties:

- Respond to IT audits and requests for information from sophisticated insurance carriers and vendors.
- Evaluate the effectiveness of internal controls related to information security, data integrity, and system reliability.
- Identify potential areas of risk or vulnerability in IT systems and develop strategies to mitigate these risks.
- Perform detailed analyses of IT processes, including system configurations, access controls, and data management practices.
- Collaborate with IT teams to review and test security measures and controls.
- Prepare detailed reports documenting findings, recommendations, and proposed action plans for addressing identified deficiencies.
- Create IT policies and procedures that govern the company’s systems.
- Communicate results and make recommendations to key stakeholders in IT leadership.
- Stay current with industry trends, emerging technologies, and best practices in information security.
- Provide guidance and support to internal teams on compliance requirements, security protocols, and risk management strategies.
- Participate in ongoing IT risk assessments and contribute to the development of risk mitigation strategies and contingency plans.

Qualifications:

- Bachelor's degree in Information Technology, Computer Science, or related field. Advanced degree or professional certification (e.g., CISA, CISSP, CISM) preferred.
- Proven experience in IT auditing, information security, or risk management, preferably in a corporate or regulatory environment.

Knowledge, Skills & Abilities:

- Strong understanding of IT governance frameworks, such as COBIT, ISO 27001, and NIST Cybersecurity Framework.
- Knowledge of industry regulations and compliance standards, including GDPR, HIPAA, PCI DSS, NY DFS Cybersecurity Rule, and Sarbanes-Oxley Act (SOX).
- Excellent analytical skills with the ability to interpret complex data and identify trends or patterns.
- Effective communication skills, with the ability to convey technical information to non-technical stakeholders.
- Detail-oriented with strong organizational skills and the ability to manage multiple priorities and deadlines.
- Experience with audit tools and software, as well as proficiency in Microsoft Office suite.
- Commitment to upholding ethical standards and maintaining confidentiality of sensitive information.
- Establish good working relationships with Risk and Compliance department