Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:
Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
Extraordinary co-workers
Some of the best tools, equipment, and research facilities in the world
Career advancement and enrichment opportunities
Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)
Generous vacations, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*
World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov*These benefits vary by job classification.
WHAT YOUR JOB WILL BE LIKE:
We are seeking an experienced IT Auditor to join our team.
On any given day, you may be called on to:
Develop and conduct IT audit risk assessment and IT internal audit programs covering systems, applications and IT processes and in accordance with internal audit policies, procedures, methodologies, and Standards for the Professional Practice of Internal Auditing including:
IT security audits (e.g. network, operating system, database and data center), including evaluating if security vulnerabilities are properly identified and mitigated. Information general computing and application control audits.
Various audits of IT management policies and procedures such as IT governance, change management, business continuity planning/ disaster recovery and information security to ensure that controls surrounding these processes are adequate.
Coordinate the scope and performance of these reviews and discuss audit results with all levels of management and staff.
Develop audit reports in accordance with internal audit policies, procedures, methodologies, and Standards for the Professional Practice of Internal Auditing.
Communicate complex technical issues in simplified terms.
Participate in risk assessments in support of annual audit plan.
Evaluate and recommend improvements to IT practices, processes, and control procedures.
Successfully complete assigned training requirements.
Participate in Center Teams. Assist the center as needed in ad-hoc requests and projects. Assist in the maintenance of TeamMate.
Hybrid workThe selected applicant can work a combination of onsite and offsite work. The selected applicant must live within a reasonable distance for commuting to the assigned work location when necessary.
QUALIFICATIONS WE REQUIRE:
Bachelor’s degree in a relevant discipline (Note: Relevant disciplines may include Management Information Systems, Computer Science, Engineering, or comparable), plus (5) years of experience, and/the combination of experience and education or a Master's in a relevant discipline and (1) year of experience. Minimum of (3) years’ experience in IT Audit, Internal Audit or Business Process Improvement.
Solid understanding of IT Risk and the various IT Control frameworks.
Ability to obtain and maintain a DOE Q-level security clearance.
QUALIFICATIONS WE DESIRE:
Ability to identify risks and controls. Ability to develop appropriate testing methodologies to test controls. Ability to accurately interpret results.
Ability to assess efficiency and effectiveness of processes and systems.
Sound professional judgment, critical thinking, analytical and problem-solving skills.
Effective oral and written communication and presentation skills.
Ability to develop and nurture effective relationships internal and external to the organization.
Active CISA, CPA, CFE, CIA or similar related certification
Basic knowledge of Cyber Security.
Knowledge of IT hardware, operating systems, networks, telecommunication, databases and applications.
Experience investigating IT systems (hardware and software) for control weaknesses and potential risks.
Experience with software development lifecycle concepts.
Experience developing and organizing concise, coherent, well organized, notes, presentations, reports, etc.
Experience teaming productively with technical communicators and management on the preparation and editing of presentation materials and audit reports.
Skills and knowledge, gained through experience and or training, of performing IT and/or other audits and/or assessments.
ABOUT OUR TEAM:
Internal Audit of Financial, Information Technology (IT), Cyber Security, Business Operations, Environmental Safety & Health (ES&H) and Safeguards and Security provides assurance to Sandia management and the Board of Managers by performing essential independent and objective appraisals, analyses, audits, and advisory services. As an integral part of Sandia's risk assessment and risk management strategy, our services are aligned with strategic management objectives, consistent with our company's core values and known best business practices. We use a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Our auditors typically have backgrounds in accounting, business administration, finance, computer science, management information systems, engineering, geology, biology, and/or public health.
POSTING DURATION:
This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.
SECURITY CLEARANCE:
Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.
Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.
EEO:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.
NNSA Requirements for MedPEDs:
If you have a Medical Portable Electronic Device (MedPED), such as a pacemaker, defibrillator, drug-releasing pump, hearing aids, or diagnostic equipment and other equipment for measuring, monitoring, and recording body functions such as heartbeat and brain waves, if employed by Sandia National Laboratories you may be required to comply with NNSA security requirements for MedPEDs.
If you have a MedPED and you are selected for an on-site interview at Sandia National Laboratories, there may be additional steps necessary to ensure compliance with NNSA security requirements prior to the interview date.
Job ID: 691982
Bachelor’s degree in a relevant discipline (Note: Relevant disciplines may include Management Information Systems, Computer Science, Engineering, or comparable), plus (5) years of experience, and/the combination of experience and education or a Master's in a relevant discipline and (1) year of experience. Minimum of (3) years’ experience in IT Audit, Internal Audit or Business Process Improvement.
Solid understanding of IT Risk and the various IT Control frameworks.
Ability to obtain and maintain a DOE Q-level security clearance.
Sandia National Laboratories is the nation’s premier DOE science and engineering lab for national security and technology innovation. Our team of scientists, engineers, researchers, and business specialists apply their knowledge and skill toward delivering cutting-edge technology in an array of areas.
Across our main sites in Albuquerque, NM, and Livermore, CA, our research ranges from nuclear defense and homeland and global security to innovative work in biotechnology, environmental preservation, energy, and cyber security.
Our teams have shared some of the reasons they enjoy working at Sandia:
• Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
• Extraordinary co-workers
• Access to some of the best tools, equipment, and research facilities in the world (tours.sandia.gov)
• Career advancement and enrichment opportunities
• Work-life balance with flexible work schedules, competitive benefits, and convenient on-site amenities
Website
http://www.sandia.gov
Industry
Defense and Space Manufacturing
Company size
10,001+ employees
Headquarters
Albuquerque, NM
Founded
1949
Specialties
Defense, Energy, Homeland Security, Environmental Sciences, Biotechnology, and Cybersecurity
