Lead It Auditor (Remote)

The California Independent System Operator (ISO) manages the flow of electricity across the high-voltage, long-distance power lines that make up 80 percent of California's power grid. We safeguard the economy and well-being of 30 million Californians by operating the grid reliably 24/7.

As the impartial grid operator, the California ISO opens access to the wholesale power market that is designed to diversify resources and lower prices. It also grants equal access to 25,865 circuit-miles of power lines and reduces barriers to diverse resources competing to bring power to customers.

The California ISO's function is often compared to that of air traffic controllers. It would be grossly unfair for air traffic controllers to represent one airline and profit from allowing that company's planes to go through before others. In the same way, the California ISO operates independently—managing the electron traffic on a power grid we do not own—making sure electricity is safely delivered to utilities and consumers on time and reliably.

The California ISO is committed to the health, safety, and work/life integration of it employees and is proud to offer flexible work arrangements. This position would be eligible to participate in a hybrid or fully remote schedule.

Under the general direction of the Director, Audit and Advisory Services, plans and executes internal audits of information technology areas and supporting infrastructures. These audits include, but are not limited to, testing internal controls, evaluating processes against applicable regulations, company policies, procedures and accepted professional standards and industry best practices. Prepares comprehensive well-written audit reports summarizing the audit scope, results of test work, findings and recommended corrective actions. Supports other audit staff with testing the technical components of operational reviews. Performs follow-up reviews on items identified in issued audits to ensure corrective actions have been implemented.

What You Will Be Doing:

• Adheres to the corporate records management policies, procedures and guidelines, including the approved records retention schedule. Maintains records using approved corporate tools, and stays abreast with required training.
• Provides consulting services, as requested, to assist management in meeting its objectives while maintaining independence and objectivity. Supports business units in identifying and evaluating process controls and advocates for sound process controls.
• Executes audit test work, which may include utilizing data analysis software to test large populations of data.
• Lead, prepare and perform assigned audits: For each assigned audit, develop an audit kickoff memorandum; prepare an engagement planning memo that defines the preliminary audit objectives, scope and key risks; develop a risk and control matrix that defines the controls that appear to be in place to mitigate the risks and audit programs that define procedures that will be performed to test the controls; develop engagement working papers that provide clear evidence and support for audit conclusions reached, and prepare a well-written audit report that provides an overview of the area audited and clearly summarizes the results of the audit.
• Continually evaluates and enhances the internal audit framework and processes.
• Participates in the development of the annual internal audit risk assessment and audit plan.
• Conducts follow-up audits to ensure audit recommendations have been implemented and prepares memos summarizing the results of activities.
• Performs special reviews and investigations as requested by ISO Executive Management or the Audit Committee.

Level of Education and Discipline

• Bachelor's degree (BA, BS) in Information Technology, Management Information Systems, Accounting or related field or equivalent education, training and experience.

Amount of Experience

• Six or more years of related experience.

Certifications

• Certified Information Systems Auditor (CISA). Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) required. Certified Internal Auditor (CIA) designation preferred.

Type of Experience

• Excellent analytical, logical, verbal and written communication skills required.
• Must be able to work effectively in a team environment as leader, facilitator and team member.
• Familiar with the electric industry and CAISO processes and systems a plus.
• Hands on experience with data analysis tools such as SAS or ACL and continuous monitoring.
• Experience conducting audits in technical areas such as application controls, information security, change management, business continuity and incident management.
• Experience in sensitive investigations experience, fraud identification, and problem-solving skills are desired.
• Must be able to handle a dynamic and changing work environment, multiple assignments, and work well independently and with others.
• Solid understanding of information technology, security and governance best practices such as NIST, ISO, 27000, ITIL and internal auditing standards promulgated by the Institute of Internal Auditors.
• Working knowledge of NERC Critical Infrastructure Protection (CIP) Reliability standards preferred.

The pay range for this position is $128,475 - $214,125 / year.

All your information will be kept confidential according to EEO guidelines.