Share this Job

Information System Auditor

Date: Jul 24, 2022

Location: Atlanta, GA, US, 30308

Company: Norfolk Southern Corp.

Requisition 32791:

#LI-EB23 #LI-Hybrid 


Job Description

The Information Systems Internal Auditor provides independent assessments of the control environment over IT infrastructure, systems, and data through the execution of risk analysis, control evaluation, and innovative audit testing procedures.  The IS Auditor focuses on the secure and effective deployment and operation of technology in support of corporate objectives and regulatory requirements. IS Auditor activities include developing risk-based audit programs, identifying recommendations that help mitigate risks and provide continuous improvement in processes and controls, communicating results, and following up on issues reported.

Principal Duties:

  • Depending on the career level, some or all of the following key responsibilities will apply:
  • Independently performs assigned audit testing and concludes on the effectiveness of controls, identifying control gaps and exceptions and evaluating the potential impact
  • Demonstrates the ability to multi-task by clearly documenting the results of testing on more than one audit concurrently
  • Prepares audit reports and work papers to ensure adequate documented evidence exists to support audit opinions and conclusions
  • Conducts IT integrated audits with operational, compliance, financial, and investigative audit teams, as assigned
  • Accurately interprets collected evidence to effectively identify, recommend, and report improvement opportunities for processes and controls
  • As appropriate, identifies opportunities for continuous improvement related to the use of technology
  • Prepares well-written and timely audit reports which communicate audit issues and related recommendations in both technical and non-technical terms to management
  • Demonstrates development in technical and analytical skills to understand new and existing technologies, including cyber security, IT general controls and software development practices
  • Demonstrates technical understanding of data analysis concepts and practices
  • Develops an awareness of changes in IT audit practices, regulatory requirements, and IT Risk frameworks to understand their impact to Auditing (e.g. NIST Cyber, CSC, COBIT, ISO2700x)


Preferred Level:  Bachelor's Degree (Any)

Preferred Majors:   

  • Computer Science, Information Systems, Business Administration, Accounting, Finance


Preferred: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP)

Technical Skills:

  • Working knowledge of operational, compliance and IS auditing techniques
  • Broad IT knowledge in infrastructure technologies, application development and support, and emerging technologies

Skills and Abilities:

  • Communication Skills, Analyzing Problems, Behaving Professionally, Adaptive Thinking and Agile Learner

Work Conditions

Environment: Hybrid (40% onsite / 60% Remote)

Shift Work: No

On-Call: No

Weekend Work: No


Company Overview

Norfolk Southern Corporation (NYSE: NSC) is a Fortune 300 organization and one of the nation’s premier transportation companies. Its Norfolk Southern Railway Company subsidiary operates approximately 19,500 route miles in 22 states and the District of Columbia, serves every major container port in the eastern United States, and provides efficient connections to other rail carriers. Norfolk Southern is a major transporter of industrial products, including chemicals, agriculture, and metals and construction materials. In addition, the railroad operates the most extensive intermodal network in the East and is a principal carrier of coal, automobiles, and automotive parts.


At Norfolk Southern, we believe in celebrating our individuality. By leveraging the unique backgrounds and viewpoints of our employees, we can create a culture of innovation, respect, and inclusion. We know that employees thrive in a workplace where differing viewpoints, ideas, and experiences are freely shared and valued. As such, we encourage all employees to contribute their distinctive skills and capabilities to our organization.


Equal employment opportunities are available to all applicants regardless of race, color, religion, age, sex, national origin, disability status, genetic information, veteran status, sexual orientation, and gender identity. Together, we power progress.


Effective December 8, 2021, NS has paused its implementation of the COVID-19 vaccine mandate given the dynamic legal proceedings.  The ultimate outcome of the federal contractor vaccine mandate is yet to be determined. It is still possible that the mandate, as it applies to NS, could be upheld in court in the near future. If the mandate is upheld, NS employees will be required to be vaccinated or have an approved medical or religious accommodation.

Nearest Major Market: Atlanta