About the position
At Sempra, we tackle the biggest energy challenges that face our industry. Our high-performing team leverages the full capabilities of our organization to serve 40 million consumers across North America. By collaborating and challenging one another across multiple disciplines, we inspire our best work, ideas, and innovation. From increasing liquified natural gas (LNG) capacities to reducing carbon emissions to helping people prepare for the realities of climate change, we are committed to building a better energy future for all. The Senior Cybersecurity Auditor will work under the direction of the Project Manager or Principal Auditor to plan audits, determine scope, and develop project-specific risk and controls matrices. This role involves performing walkthroughs, design effectiveness assessments, and operational effectiveness testing, as well as documenting issues for inclusion in formal audit reports. The auditor will follow up with management on agreed corrective actions and work in teams on technology and integrated business audits. Additionally, the auditor may supervise junior members of staff. Key responsibilities include conducting audits of Information Technology infrastructure, operations, applications, development, and Cybersecurity to assess compliance with policies, standards, procedures, laws, and regulations. The auditor will effectively document assessment and testing results to support conclusions, findings, and recommendations in alignment with department standards. The role also involves assisting with assessing risks and recommending changes to improve IT controls, negotiating solutions, and preparing input for formal audit reports. The Senior Cybersecurity Auditor will represent the department as a business partner, adding value and supporting company objectives, while also mentoring other auditors as requested.
Responsibilities
- Plan audits, determine scope, and develop project-specific risk and controls matrices under the direction of the Project Manager or Principal Auditor.
- Conduct audits of Information Technology infrastructure, operations, applications, development, and Cybersecurity to assess compliance with policies, standards, procedures, laws, and regulations.
- Document assessment and testing results to support conclusions, findings, and recommendations in alignment with department standards.
- Assist with assessing risks and recommending changes to improve IT controls, negotiating solutions and corrective action plans.
- Prepare input to the formal audit report and effectively communicate audit results to management.
- Lead less complex audits or sections of larger audits as requested and under supervision.
- Work as an integral member of the Audit Services department to achieve departmental performance goals, including completing the annual audit plan on time and within budget.
- Represent the department as a business partner, adding value and supporting company objectives.
- Mentor other auditors as requested and develop and share center of excellence expertise.
- Perform other duties as assigned (no more than 5% of job duties).
Requirements
- Bachelor's Degree in any subject or equivalent experience, required.
- 5+ years audit, risk and controls, IT, cybersecurity, or information security experience.
- CISA certification, required.
- Valid California Driver's License, required.
Nice-to-haves
- Other professional certification (e.g., CISM, CISSP, CIA), preferred.
- Fluent business Spanish, preferred but not required.
Benefits
- Health and welfare (medical, dental, vision) coverage.
- Employer contributions to retirement benefits.
- Life insurance coverage.
- Paid time off.
- Tuition reimbursement.
- Paid parental leave.
- Employee assistance programs.
- Annual performance-based incentive (bonus).
- Merit-based recognition.
