IT Auditor and Risk Advisor

**Job Title**:IT Auditor and Risk Advisor

**Job Level**:FIN C

**Date posted**:Aug 5, 2025

**Closing Date**:Aug 17, 2025

**Job Type**:Full-time Permanent

**Category**:Internal/External Opportunities

**Location**:Calgary

**Job Summary**

Reporting to the Director, Internal Audit & Enterprise Risk Management, the IT Auditor and Risk Advisor will have the opportunity to work on audits, advisories and management requests covering many areas of AltaLink’s operations with a specialization in Information Systems. You will be part of a team that evaluates the effectiveness of the company's risk management, control and governance processes. Assignments will include audits and reviews of various business processes, with the aim of determining the adequacy, effectiveness and/or efficiency of existing procedures. You will provide value-added recommendations and advice to management for improvements to operations in both specifically Information Systems and across the organization.

**Responsibilities**:

- Execute all aspects of risk-based audits including planning, interviews, document review and testing, process observation and analysis
- Build strong relationships and work collaboratively with stakeholders to identify areas for improvement and advise on risk and control best practices
- Report on the overall assessment of the audit including the aggregate impact of risks or weaknesses exposed, supporting conclusions and recommend appropriate actions to Senior Management
- Interview select personnel and document and assess business processes and information systems to determine the adequacy of the control environment
- Understand financial, operational and compliance risks which impact information systems
- Provide insight and guidance on the interpretation of reported exceptions/analytic output so that appropriate actions are taken
- Identify opportunities to optimize the audit process and develop improvements to existing risk management approaches
- Work with the business to identify and document effective internal controls over financial reporting (ICFR)
- Develop audit programs, complete field work, perform testing procedures, and document effectiveness results
- Build, develop and maintain strong relationships across the organization, to encourage the early and open discussion of issues arising and joint commitment to problem solving
- Share industry knowledge and technical expertise with team members
- Assist in the preparation of the annual audit plan and quarterly reports submitted to the Audit Committee

**Requirements**:
**Qualifications**:

- Bachelor’s degree and interest in working towards appropriate professional designation (CPA, CIA, CISA, CRM, CRISC)
- 4+ years of risk management, internal audit or business process improvement experience required
- Solid understanding of risk management processes and internal control frameworks (COSO or COBIT strongly preferred)
- Solid understanding of cyber security principles and frameworks such as NIST and ISO 27001
- ISO 27001 lead auditor certification or similar experience is considered an asset
- Solid analytical skills and ability to understand complex business concepts, functions or processes, identify risks and mitigation activities, assess effectiveness of those activities and develop recommendations for issues identified
- Demonstrated knowledge of networks technology, operating systems, system development, client/server architecture, cloud and virtual machines platforms and how they interact with business processes
- Experience auditing SAP security controls and knowledge of other SAP GRC modules
- Knowledge of Critical Infrastructure Protection (CIP) and Critical Security Controls (CSC) preferred
- Experience and knowledge in data analytics, continuous monitoring/auditing and report preparation, leveraging tools such as SQL, ACL, Alteryx, Tableau, Microsoft Access, Excel
- Advanced communication skills, both verbal and written, with the ability to express thoughts in an organized, concise manner and listen to the issues of others in a manner that elicits cooperation and support
- Ability to work independently as well as demonstrate good teamwork
- Ability to multi-task, attention to detail, strong analytical skills, healthy professional skepticism
- Proven ability to partner effectively across all levels of an organization and develop positive working relationships.

**Notes**:
AltaLink employees should be aware that we may contact your manager during the selection process. Some positions may require job specific assessments, regular criminal record checks, additional AltaLink training, medical assessments, annual drivers abstract, and drug tests. Please contact the Hiring Manager or Recruiter for further clarification if required.

At AltaLink, we celebrate diversity and inclusion. We are committed to fair employment practices, and all qualified applicants will receive consideration for employment regardless of race, religious beliefs, colour, g