Job Description

About Sandia:

Sandia National Laboratories is the nation’s premier science and engineering lab for national security and technology innovation, with teams of specialists focused on cutting-edge work in a broad array of areas. Some of the main reasons we love our jobs:

• Challenging work with amazing impact that contributes to security, peace, and freedom worldwide
• Extraordinary co-workers
• Some of the best tools, equipment, and research facilities in the world
• Career advancement and enrichment opportunities
• Flexible work arrangements for many positions include 9/80 (work 80 hours every two weeks, with every other Friday off) and 4/10 (work 4 ten-hour days each week) compressed workweeks, part-time work, and telecommuting (a mix of onsite work and working from home)
• Generous vacations, strong medical and other benefits, competitive 401k, learning opportunities, relocation assistance and amenities aimed at creating a solid work/life balance*

World-changing technologies. Life-changing careers. Learn more about Sandia at: http://www.sandia.gov*These benefits vary by job classification.

What Your Job Will Be Like:

Sandia National Laboratories is seeking an experienced Internal Auditor to work alongside management in executing the Internal Audit’s Quality Assurance & Improvement Program. This position is crucial for delivering high-quality, consistent, and risk-focused assurance work through the execution of quality assurance (QA) reviews of IT/cybersecurity, business operations, and environmental, health, safety, and security audits and advisory services. The successful candidate will improve processes to optimize the efficiency and effectiveness of assurance work by undertaking quality assurance reviews, providing training based on QA feedback, and contributing to changes in audit methodology and policy. This role does not have direct report responsibilities and reports directly to the Internal Audit Senior Manager.

Key Responsibilities:

• Execute quality assurance reviews of completed assurance engagements to assess the adequacy and effectiveness of audit planning, execution, and reporting against established with internal audit policies, procedures, methodologies, regulatory requirements, and professional standards set by the Institute of Internal Auditors (IIA). Monitor adherence to internal audit methodologies, professional standards, and relevant regulations and frameworks (e.g., NIST, COSO, ISO, OSHA, CAS, ITIL, COBIT); ensuring consistency in audit practices across internal audit teams and identifying potential issues and recommending corrective actions.
• Participate in the development and maintenance of internal audit methodologies, including risk assessments, audit procedures, and documentation standards to optimize audit efficiency and effectiveness.
• Collaborate with the management to assess the organization's key risks and develop audit plans that prioritize high-risk areas.
• Build strong relationships with key stakeholders across Sandia and the DOE enterprise to understand operational and compliance needs and ensure effective communication of audit findings and recommendations.
• Proactively monitor for changes to industry and regulatory requirements, guidance, and pronouncements; serve as the technical expert for the Internal Audit group, communicating complex technical issues in simplified terms and reviewing and approving test plans, workpapers, analyses, reports, and presentations.
• Provide ongoing training and coaching to internal audit staff on quality standards, audit techniques, and best practices to enhance their audit skills and knowledge.
• Participate in quality assurance peer reviews of other sites to support the Internal Audit’s Quality Assurance and Improvement Program.
• Assist as needed in ad-hoc requests and projects.
• Identify various information technology risks to hardware and software systems, network security infrastructure, including operational or compliance risks, and make recommendations for corrective actions and mitigation.
• Evaluate complex information systems and controls, including application suites, automated control processes, change control management procedures, mobile device and code security, networks, and enterprise data center operations.
• Stay current with new technologies and industry trends and best practices to enhance the effectiveness of audit processes.

The selected applicant can work a combination of onsite and offsite work. The selected applicant must live within a reasonable distance for commuting to the assigned work location when necessary.

The ability to travel may be necessary and normally does not exceed (10) percent of time.

Salary Range:

$127,900 - $217,400

*Salary range is estimated, and actual salary will be determined after consideration of the selected candidate's experience and qualifications, and application of any approved geographic salary differential.

Qualifications We Require:

• Bachelor’s degree in a relevant discipline plus (12) years of relevant experience and/or the equivalent combination of education and experience that demonstrate the knowledge, skills and ability to perform the duties at the Distinguished job level. (Note: Relevant disciplines may include Audit, Project Controls Systems, Management Information Systems, Computer Science, Engineering, or comparable).
• Demonstrated knowledge of internal audit standards and methodologies.
• Understanding of multiple technology domains and associated controls.
• Experience using or administering automated internal audit software such as TeamMate.
• Certified Internal Auditor (CIA) designation or ability to obtain designation within 18 months of hire.
• The ability to obtain and maintain a DOE Q-level security clearance.

Qualifications We Desire:

• Masters degree in Management Information Systems, Computer Science, Accounting, Business Administration, or related discipline.
• Certified Information Systems Auditor (CISA) certification, Certified Information Systems Security Professional (CISSP) certification or ability to obtain such certification.
• Technical knowledge of information systems and lifecycle engineering processes such as top-level functional designs, risk analysis, quality engineering, configuration management, testing, reverse engineering, component integration, information security, system administration, and network design.
• Understanding of project management of information systems technical or operational work.
• Experience teaming productively with technical communicators and management on the preparation and editing of presentation materials and audit reports.
• Experience leading and/or supervising teams.
• Excellent communication and interpersonal skills to effectively interact with various levels of management and audit staff.
• Proficiency in data analysis tools and techniques (e.g., CAAT, SQL, VBS, Perl or shell scripting or programming languages such as C or C++, EXCEL) to identify trends and patterns within audit data; strong analytical and problem-solving skills to identify potential audit issues and develop effective solutions.
• Ability to continuously develop knowledge of audit tools and techniques to ensure quality audit work.

About Our Team:

Internal Audit of Financial, Information Technology (IT), Cyber Security, Business Operations, Environmental Safety & Health (ES&H) and Safeguards and Security provides assurance to Sandia management and the Board of Managers by performing essential independent and objective appraisals, analyses, audits, and advisory services. As an integral part of Sandia's risk assessment and risk management strategy, our services are aligned with strategic management objectives, consistent with our company's core values and known best business practices. We use a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes. Our auditors typically have backgrounds in accounting, business administration, finance, computer science, management information systems, engineering, geology, biology, and/or public health.

Posting Duration:

This posting will be open for application submissions for a minimum of seven (7) calendar days, including the ‘posting date’. Sandia reserves the right to extend the posting date at any time.

Security Clearance:

Sandia is required by DOE to conduct a pre-employment drug test and background review that includes checks of personal references, credit, law enforcement records, and employment/education verifications. Applicants for employment need to be able to obtain and maintain a DOE Q-level security clearance, which requires U.S. citizenship. If you hold more than one citizenship (i.e., of the U.S. and another country), your ability to obtain a security clearance may be impacted.

Applicants offered employment with Sandia are subject to a federal background investigation to meet the requirements for access to classified information or matter if the duties of the position require a DOE security clearance. Substance abuse or illegal drug use, falsification of information, criminal activity, serious misconduct or other indicators of untrustworthiness can cause a clearance to be denied or terminated by DOE, resulting in the inability to perform the duties assigned and subsequent termination of employment.

EEO:

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status and any other protected class under state or federal law.

NNSA Requirements for MedPEDs:

If you have a Medical Portable Electronic Device (MedPED), such as a pacemaker, defibrillator, drug-releasing pump, hearing aids, or diagnostic equipment and other equipment for measuring, monitoring, and recording body functions such as heartbeat and brain waves, if employed by Sandia National Laboratories you may be required to comply with NNSA security requirements for MedPEDs.

If you have a MedPED and you are selected for an on-site interview at Sandia National Laboratories, there may be additional steps necessary to ensure compliance with NNSA security requirements prior to the interview date.

Job ID: 694546

Job Family: AM

Regular/Temporary Position: R

Full/Part-Time Status: F

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.