Audit is a fast-paced environment in which the successful candidate will be responsible for evaluating and testing Marathon's information system (IS) control environment. An IT Infrastructure auditor participates in reviews of internal controls within computer applications, technology infrastructure, and developing systems. Initially, this position will focus on technology infrastructure with opportunities to later focus on application controls. Technology infrastructure includes Mainframe, Windows, UNIX, VMWare ESX, SQL, Oracle, SAP, business and process control networks. An IT auditor has the potential to be exposed to operational and corporate infrastructures and its management during this assignment. The auditor gains an understanding of the IS operations, assesses the internal controls, and performs tests to ensure the controls are working as intended. The auditor meets with client management to discuss concerns and works with management in developing practical action plans to improve controls. The ideal candidate must be proactive and engaging, with the ability to work independently in the completions of audits and issuance of reports. Strong interpersonal skills are required. Given the nature of the company’s business, approximately 20-30 percent travel to domestic locations will be required. Training in the latest technologies is provided to develop necessary skill sets.
Auditors generally work in teams of 2-4 auditors and teams are comprised of a Lead Auditor and Staff Auditors. Audits typically last 4-6 weeks. New auditors will be assigned as staff auditors initially and progress to the lead auditor role. Lead and Staff auditor roles rotate from audit to audit.
1. Staff auditors are responsible for planning and executing their assigned audit work. This involves:
a. Interviewing process owners to understand and document the business processes, risks, and controls activities in place,
b. Developing the audit program,
c. Gathering audit evidence to test controls and documenting test results in TeamMate,
d. Analyzing test results and drawing conclusions on the adequacy and effectiveness of controls in place, and
e. Communicating control deficiencies to management and identifying potential solutions for deficiencies.
2. Lead auditors are responsible for planning audits, which includes:
a. obtaining background information on the business function being audited, performing a risk assessment, defining the audit scope and objectives, and assigning work responsibilities to staff auditors.
b. Monitoring fieldwork progress and reviewing audit work papers, and
c. Communicating audit results with management and writing audit reports.
3. Auditors attend external and internal training to build audit skills.
4. Auditors conduct audit assignments in accordance with professional standards and departmental policies and procedures.
5. Auditors maintain effective client relationships and provide guidance and counsel to management regarding internal controls.
Major Discipline: Computer Science; Management Information Systems (MIS)
Years Experience Required: Minimum 3 years of information technology (IT), internal audit, and/or Sarbanes-Oxley experience
Travel Required (%): 20-30%
Relocation considered (yes/no): Yes
Marathon Petroleum Corporation - 2 years ago