Certified Information Systems Auditor - OKC, OK

Certified Information Systems Auditor - OKC, OK

Date: Dec 31, 2025

Location: Oklahoma City, OK, US, 73118 Spring, TX, US, 77389

Company: Expand Energy

Our core values — Stewardship, Character, Collaborate, Learn, Disrupt — are the lens through which we evaluate every business decision. As a dynamic, growing company that offers extremely competitive compensation and benefits, our employees are our most valued assets and the foundation of Expand's performance among our E&P competitors.

We seek applicants from all backgrounds to ensure we get the best, most creative talent on our team. We realize that, historically, underrepresented groups feel the need to be 100% qualified in order to apply. If you meet any combination of our requirements, we encourage you to apply. We strive to hire people from a wide variety of backgrounds, not just because it’s the right thing to do, but because it makes our company stronger.

We are actively seeking a highly skilled and strategic Senior Certified Information Systems Auditor (CISA) to join our dynamic Internal Audit team. This critical role is designed for a seasoned professional who can independently lead and execute complex IT audits, focusing on risk mitigation across our most vital technology landscapes.

The ideal candidate will combine deep expertise in ERP systems (such as SAP S/4

HANA), Identity and Access Management (IAM), and modern cloud-based analytics platforms (like Snowflake and Power BI) with an ability to provide proactive control consultation.

• Provides input into the development of the annual risk assessment and provides recommendations on the Annual Audit Plan
• Plans and executes audit engagements or other testing relating to SOX, Operational, or other consulting and audit engagements
• Serves as 1st or 2nd level reviewer of audit engagements
• Prepares timely audit reports for executive management, the Audit Committee and the Board of Directors and act as the primary client liaison within Internal Audit for one or more VPs / division heads
• Researches new or technical subjects to support audits and proactively seeks relevant continuing education and training opportunities
• Provides feedback on performance of audit assignments, and trains / mentors lower-level auditors as needed
• Performs other duties as assigned

• Lead and execute comprehensive IT audits, including integrated audits, focusing on general IT controls, application controls, and security across various systems
• Develop and execute audit programs tailored to the organization’s transition from legacy platforms, such as SAP ECC, to a modern platform, such as SAP S/4 HANA
• Manage and perform Identity and Access Management (IAM) audits, reviewing provisioning, de-provisioning, role management, privileged access, and segregation of duties (SoD) to ensure compliance and security
• Conduct pre-implementation and post-implementation consultation and reviews of major software applications to identify control gaps and operational risks before go‑live
• Analyze and evaluate IT risks within business processes, providing practical recommendations for remediation and control improvement
• Prepare detailed, well‑written audit reports and present findings to management, clearly articulating risks and their potential impact
• Act as a subject matter expert and developer of tools, reports, and automations associated Internal Audit’s needs
• Stay current with industry trends, regulatory changes, and emerging technologies, including Artificial Intelligence (AI), to assess potential impact on the organization's control environment
• Strong interpersonal skills and a collaborative mindset to work effectively with auditees and management

Minimum:
High school diploma or GED

Preferred:
Bachelor’s degree - from accredited university - Technology, Accounting, Business Administration, IT, Information Systems or related field

Preferred:
Other - Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP)