Info Systems Audit Associate II

Sempra

San Diego, CA

JOB DETAILS
SKILLS
Analysis Skills, Auditing, Computer Security, Cross-Functional, Information Technology & Information Systems, Information Technology/Systems Audit, Internal Audit, Internet Security, Maintain Compliance, Operational Audit, Operations Processes, Risk Analysis, Risk Management, Systems Analysis, Technical Operations, Test Plan/Schedule, Testing
LOCATION
San Diego, CA
POSTED
21 days ago

Sempra: Where opportunity powers impact

At Sempra, a better world begins with better energy-and with people who want to make a difference. That's why we're tackling the biggest challenges facing our industry while building ahigh‑performance culture where you can do your best work. Together, our teams support nearly 40 million consumers across the U.S., strengthening the communities we serve and creating impact that extends far beyond the workplace. Here, collaboration, inclusivity and shared purpose empowers you to grow your passion, build a rewarding career and contribute to something bigger-helping shape a better energy future for all.

Primary Purpose

The role primarily focuses on conducting comprehensive internal audits of IT systems with an emphasis on evaluating cybersecurity risks. By collaborating with cross-functional teams, the role will address key vulnerabilities, assess control mechanisms, and contribute to the overall strengthening of IT security frameworks and risk mitigation strategies. The position executes a broad range of testing and analysis for information systems audits. It recommends practical adjustments to test steps, communicate routine issues to stakeholders, and contribute to reporting.

Duties and Responsibilities

  • Performs control testing for application, technology, and operations processes and evaluates whether evidence meets defined criteria.
  • Proposes refinements to test procedures when populations or tools differ from plan while maintaining methodological compliance.
  • Analyzes privileged access, security configuration hardening, logging and other cybersecurity control artifacts to identify exceptions and potential impact.
  • Summarizes testing results and drafts preliminary observations that link criteria, condition, cause, and effect.
  • Coordinates with technology teams to obtain extracts or configuration exports required for sampling and analysis.
  • Participates in entrance and exit meetings, explaining straightforward procedures and conclusions.
  • Contributes to follow‑up reviews by confirming remediation activities and gathering validation evidence.
  • Performs other duties as assigned.

About the Company

S

Sempra