Job detail

IT Auditor

Tacoma, WA

Heritage Bank is seeking an IT Auditor at our Northern Operations Center in Lynnwood, Washington. The IT Auditor is responsible for planning, organizing, scheduling, performing and/or leading audits of IT general and application controls, IT processes, project management and data integrity, and examines the accuracy and completeness of records and procedures for internal control to safeguard Bank assets, and ensures areas of the Bank are in compliance with policies, procedures, regulations and laws. Leverages knowledge of systems and data and participates in an integrated audit environment with IT and non IT auditors.

Preferred geographical location is Lynnwood, WA. Depending on experience, the Southern Operations Center in Tacoma, WA may be considered.

The successful candidate will be able to:   

  • Develop and perform IT/IS audit programs, including determining audit objectives and scope, procedures, and internal control reviews, to ensure compliance with policies and procedures.
  • Schedule and perform audit testing; document testing results in the audit program and prepares audit reports within established timelines. Present audit findings to management, and monitor and follow up on all audit findings.
  • Obtain and maintain a broad understanding of IT and its external environment. Keep current on new programs or business changes, and relevant risk implications, compliance standards and legal and regulatory requirements impacting the industry.
  • Complete special projects, to include but is not limited to, investigations of fraud, acquisition audits, valuations of systems under development, review of potential conflicts of interest and other consultative work for the Bank.
  • Monitor and test SOX IT controls.
  • Understand and maintain working knowledge of, and ensures bank activities are performed in compliance with, all state and federal banking laws and regulations applicable to assigned area.
  • Assist in the development of audit risk assessments and the annual audit plan.
  • Attend Audit Committee meetings, as needed.
  • Participate in planning, organizing, scheduling, and performing operational and other audits, as requested and needed.


  • Bachelor’s degree in Information Technology, Information Systems, Computer Engineering, Business Administration, Accounting, or relevant course of study - required.
  • 2 or more years’ recent and relevant professional experience in IT auditing or closely related field conducting integrated audits alongside operational and financial auditors, in a financial services industry – required. 
  • Professional certification, such as, CISA, CIA, or CISSP or equivalent required.  
  • Equivalent combination of education, certifications and work related experience may be considered.
  • Provides an exceptional level of quality service and responds to internal customer needs, questions and concerns in an accurate, effective, and timely manner, to solicit feedback to improve service.
  • Ability to work and collaborate with external/internal auditors.
  • Effective listening, verbal and written business communication skills, including effective questioning strategies and presentation skills and ability to communicate effectively, clearly and persuasively in a variety of settings, formats, and audiences, across business lines at all levels; with the ability to read, write, speak, and understand English well.
  • Ability to communicate outstanding/follow up issues over the phone, in person and via email to a variety of audiences. 
  • Solid technology skills including experience with operating systems, security software, network security, telecommunications, database management systems, business and operational application, and system development and project management practices.
  • Ability to work independently while understanding the necessity for communicating and coordinating work efforts with management, employees and departments, in a timely manner.
  • Strong working knowledge and understanding of IT/IS principles and frameworks, such as COSO/CoBiT/NIST, control procedures, audit standards, practices, techniques, and risk assessments.  
  • Ability to understand the company's IT control environment as a whole to effectively assess the key controls of business processes.
  • Knowledge of federal and state financial regulations and ability to keep up to date on regulation changes.
  • Effective analytical skills, with excellent attention to detail and a strong focus on accuracy. Excels in quickly conceptualizing and assimilating data to make decisions and take appropriate action.
  • Detail oriented with strong organizational, problem-solving, data review and time management skills; with the ability to manage multiple assignments, and reporting requests ensuring that priorities are set and commitments and deadlines are met with minimal  moderate oversight and direction.
  • Unquestionable integrity and strong moral and ethical foundation to disclose potentially illegal, criminal and unethical business practices or data.
  • Ability to handle and deal with sensitive, confidential and proprietary information, in a tactful and discreet manner.
  • Proficient PC experience using MS Office products (Word, Excel, Outlook) and retrieval of data; working knowledge of automated financial management and accounting systems, and financial services core processing systems, with the ability to adapt to and learn new products and technologies quickly. Experience with computer-assisted audit tools preferred.
  • Familiarity with one or more of the following areas is highly desired:
    • IP networks infrastructure (network topology, switches, routers, firewalls, intrusion detection / prevention),
    • Windows active directory (policies, structure, elements),
    • Databases (SQL, Oracle, DB2, monitoring tools),
    • Mobile technologies (data leakage prevention, BYOD security), and
    • Cloud computing standards and frameworks.

Working Environment/Conditions:   

  • Climate controlled office environment.
  • Work involves being able to concentrate on the matter at hand, under sometimes distracting work conditions and frequent interruptions during the day.
  • Work requires regular attendance, punctuality and adherence to agreed-upon schedule(s) with willingness to work a flexible, remote, rotating schedule, and/or extended hours, as needed.

Physical Demands/Effort:   

  • Work may involve the constant use of computer screens, reading of reports, and sitting throughout the day.
  • Ability to operate a computer keyboard, multi-line telephone, photocopier, scanner and facsimile which often requires dexterity of hands and fingers with repetitive wrist and hand motion.
  • Typically sitting at a desk or table; intermittently standing, stooping, bending at the waist, kneeling or crouching to file materials and walking.
  • Occasional lifting 25-30 lbs. (files and/or boxes).

Travel Time: Moderate travel may be required to travel to other Bank locations and meeting sites, which may include overnight travel and extended stay availability when needed; valid driver’s license, proof of insurance, and access to reliable transportation; or the ability to access and utilize an alternative method of transportation, when needed, to carry out job-related essential functions.

The above statements are intended to describe the general nature and level of work being performed and are not an exclusive list of all qualifications for this position.   

Heritage Bank is an Equal Opportunity Employer  

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, disability, or any other basis protected by applicable law.  

Job applicants have certain legal rights. Please click here for information regarding these rights.  

If you need assistance completing the online application, please email: