IT Assurance Analyst

Basic Information


United States





Date Published


Job ID


Travel Amount


Additional Locations


Description and Requirements

From core to cloud to edge, BMC delivers the software and services that enable over 10,000 global customers, including 84% of the Forbes Global 100, to thrive in their ongoing evolution to an Autonomous Digital Enterprise.
BMC is a global leader in innovative software solutions that enable businesses to transform into digital enterprises for the ultimate competitive advantage.
We are currently hiring for an IT Assurance Analyst to join our Assurance Team in Houston, TX!

About BMC Software Assurance: 
The Assurance Department (Assurance), comprised of Internal Audit, Internal Controls, and Compliance & Ethics provides independent assurance to the Audit Committee and Management that significant strategic, financial, and operational risks are properly identified and managed to an acceptable level.  Assurance performs operational/financial/IT audits, compliance, and other governance activities such as global Enterprise Risk Assessments and Compliance & Ethics services.  The desired state is an effective, cost-beneficial control environment.

We aspire to serve as trusted business advisors to management and will proactively provide consulting and auditing services which add value to BMC.  We operate in a team-oriented environment that provides meaningful and challenging assignments, recognizes and rewards excellence, and is committed to developing leaders for BMC.  Members of Assurance have, or are expected to obtain, Continuing Professional Education in line with achieved professional designations: CISA, CIA, CA, CPA, CISM, CCSA, CRMA and PMP.

What you get to do every day:
Under the direction of the Senior IT Assurance Manager, you will assist members of the organization by using a systematic, disciplined approach to evaluate the efficiency and effectiveness of systems, processes, people, and controls. You will participate in engagement planning, risk assessment, and testing related to technology controls and system/application audits.
  • Lead IT control testing in areas of managed access, IT general computing controls (ITGCC), information security, and/or application automation.
  • Provide guidance to Control and Process owners from various segments regarding the design and documentation of key IT processes and controls.
  • Respond quickly to external auditor requests to ensure timely completion of annual testing goals.
  • Monitor and assess business environment and process changes for significance to objectives, risks, and controls.
  • Maintain documentation of business processes, risks, and controls, including flowcharts, policies, and other applicable data.
  • Obtain, analyze, and appraise evidentiary data as a basis for an informed, objective opinion on the adequacy and effectiveness of controls and the efficiency of performance of process, systems and people performing the activities reviewed.•Execute audits and testing of technology operations, including audit program set-up, developing test procedures, performing audit testing, and drafting control deficiencies in accordance with professional standards (e.g., IIA, ISACA) and the US PCAOB.
  • Determine whether the operations reviewed comply with management directives, Company policies and procedures, and do so in a manner consistent with good business practices.
  • Make oral or written presentations to Assurance and Operations management during and at the conclusion of the audit, discussing deficiencies, recommending corrective action, and suggesting innovative improvements in systems, controls, and operations.
  • Leverage enterprise reporting and data analysis tools (e.g., MicroStrategy, Oracle E-Business Suite, Excel, Power BI) to conduct data mining and analysis in support of audits, control testing, and investigations.

Experience and Education: 
  • Bachelor’s degree in Management Information Systems (MIS), Computer Science, or similar technology discipline is required; a master’s degree is a plus
  • Prior experience performing IT audits and/or testing IT controls is highly preferred.  IT control testing may include managed access, ITGCC (e.g., change management, information security, backup, operations), and/or application automation (e.g., workflow, interfaces, calculations)
  • Previous experience working in Internal or External Audit, particularly SOX testing in an Oracle ERP, is highly desired
  • Demonstrated work experience in technology areas such as cyber/information security or IT compliance may be considered in place of audit or control testing experience
  • Ability to utilize data analysis software/tools
  • Proficient with MS Office applications (Outlook, Word, Power Point, Excel); experience with Visio is a plus

Certifications are considered a plus with preference given to the following: 
  • Certified Information Systems Auditor (CISA)
  • Certified Internal Auditor (CIA)
  • Certified Information Security Manager (CISM)

Characteristics that will help you succeed:
Proficiency in internal auditing, ability to work alone or in a team environment, effective communication, the ability to influence change, and pursuit of excellence are critical attributes for success at BMC.  Knowledge, skills, and abilities that may affect performance include:
  • Strong interpersonal and team-oriented skills
  • Excellent listening, oral, and writing skills in English is required.  Fluency in other languages may be considered a plus
  • Ability to develop relationships with client and Assurance staff
  • Ability to complete analytical reviews, develop client inquiries and evaluate client responses
  • Proven ability to execute IT audits and testing of key IT controls in accordance with professional standards 
  • Ability to prioritize tasks and change focus as new information becomes available


It is the policy of BMC Software to afford equal opportunity for employment to all individuals regardless of race, color, creed, sex, age, sexual orientation, national origin, disability, ancestry, citizenship status, political affiliation, religion, gender, transgender, gender identity, gender expression, marital status, status as a parent, disabled veteran or status as a protected veteran, genetic information or other factors prohibited by law, and to prohibit harassment or retaliation based on any of these factors.

If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.

Country (Req)

United States