Specialist- IT Auditor

Ciena is committed to our people-first philosophy. Our teams enjoy a culture focused on prioritizing a personalized and flexible work environment that empowers an individual’s passions, growth, wellbeing and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.

POSITION SUMMARY:  This position executes scope of work for assigned audits and supports Ciena’s success by evaluating and improving risk management, the control environment, governance processes and operational effectiveness, using a disciplined, collaborative approach in support of the Audit Committee and management.  Incumbent will conduct audit fieldwork across global processes and locations using established audit plans as a guide.  Audit tests will include manual procedures, automated tools and require creation and maintenance of workpaper evidence to support work performed.  Work may require individual contributor or team participation as dictated by audit subject matter.  Regular interaction with business partners and Internal Audit team members is required using written and verbal communications.  International travel up to 20% may be required. 

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Perform financial, Sarbanes-Oxley, compliance and operational audits professionally in accordance with the Institute of Internal Auditors Professional Practices Framework.
• Test internal controls and assess the design, execution and effectiveness of associated key control processes.
• Identify process improvements that reduce cost or errors, or improve operational efficiency.
• Test automated controls.
• Interview individuals in areas under audit to gain understanding of how processes and internal controls operate.
• Perform audit tests with minimal direction from Senior Auditor or Manager.
• Perform audit tests to evaluate existence, efficiency and effectiveness of internal control procedures and adequacy of control documentation.
• Assist in oral and written presentations to management during and at conclusion of audits, discussing deficiencies, corrective action and improvements in internal controls or operations.
• Ability to communicate highly technical IT concepts to the non-IT business partners.
• Provide timely communication of issues and audit status updates to IT Audit Manager/Leader.
• Prepare written audit issues for inclusion in closing meeting and audit report.
• Aid Manager/Leader in evaluating risks and controls for new or revised processes.
• Create or modify test plans with minimal oversight or review from Leader or Manager in order to accomplish audit objectives.
• Prepare audit workpapers, documenting audit steps and ensuring information is clear, concise, accurate, in logical format and in accordance with standards.
• Assist external auditors by preparing workpapers and schedules.
• Assist in special projects as assigned.
• Maintain knowledge of rules, regulations and standards in the fields of internal audit, IT and related matters of interest to the department.
• Understanding of audit terminology – residual risk vs inherent risk, audit risk, issue remediation, sample size selection, sampling methodologies – haphazard, random, judgmental.
• Familiarity with IT control frameworks – COBIT, COSO, NIST, 18 CIS controls - Formerly the SANS Critical Security Controls (SANS Top 20), CSX (cybersecurity fundamentals certificate)
• Understanding of IT concepts including but not limited to Active Directory, SDLC, DevOps, Secure Coding, CIA Triad (Confidentiality, Integrity and Availability), Cloud Computing, Agile, SOC 1 and 2, 3rd party risks, Mobile Device Management, Least Privilege, Segregation of Duties, Patch Management, Vulnerability Assessment, Service Desk Processes, Databases, Operating Systems, System Architecture, Firewalls,

SKILLS

• Demonstrated understanding of business processes and, where applicable, related financial effects
• Demonstrated critical thinking and analytical skills
• Knowledge of the IIA International Professional Practices Framework (IPPF)
• Knowledge of the COSO internal control model, Sarbanes-Oxley requirements and internal controls best practices
• Strong time management skills
• Strong interpersonal, oral and written communication skills
• Proficient with MS Excel

• Familiarity with Oracle or similar ERP System
• Familiarity with automated audit tools (AuditBoard, IDEA preferred)
• Highly ethical, team oriented, flexible, inquisitive, logical
• Ability to maintain objectivity, confidentiality and integrity
• Ability to work across all levels and organizations of the company
• Highly motivated with the ability to handle multiple tasks at the same time
• Ability to adapt to changing priorities and work in a fast paced environment
• Ability to work effectively across multiregional audit teams
• Self starter who constantly seeks ways to improve themselves or the methodology

EDUCATION and/or RELEVANT EXPERIENCE

• Required Degree: BS/BA or equivalent experience
• Preferred Major: Computer Science/Management Information Systems,  or related discipline
• 6+ years of internal audit experience in a corporate environment
• Sarbanes Oxley compliance testing and operational audit experience desired
• Preferred CISA or current candidate.