Description
As an IT Internal Auditor, you will work with an agile team in a fast-paced, high-technology environment on multiple audit engagements across the enterprise. Reporting to the Internal Audit Manager, you will partner with Technology Data & Insights (TDI), Security, Engineering, and other cross-functional stakeholders.
We're looking for an individual with strong technology acumen, an understanding of technology audit and IT risk, and an eagerness to join a lean, high-impact team.
Responsibilities:
Audit Planning - Participate in IT and cybersecurity risk assessments to identify key enterprise risks and define audit scope - Design comprehensive, risk-based audit programs and testing procedures tailored to the technology environment - Exercise professional judgment regarding project planning, risk prioritization, and objective setting for complex engagements
Audit Fieldwork & Testing - Conduct process walkthroughs and execute fieldwork in strict alignment with department methodology - Evaluate the design and operational effectiveness of key cybersecurity controls, IT General Controls (ITGCs) and IT Application Controls (ITACs) - Prepare high-quality, detailed workpapers that clearly document testing results, evidence, and conclusions - Leverage data analytics, AI tools, and emerging technologies to enhance audit efficiency, automate workpapers, and evaluate AI/ML controls and governance
Reporting & Remediation - Identify control gaps, analyze root causes, and write clear, concise audit reports for management and stakeholders - Discuss audit findings effectively and gain stakeholder agreement on appropriate, right-sized corrective actions - Partner with TDI, Security, Engineering, and cross-functional teams to track and ensure the timely completion of agreed-upon remediation activities
Advisory & Collaboration - Provide risk-based consulting to assist management during business process improvements or new system implementations - Provide guidance, training, and peer mentorship to other team members, fostering professional growth and knowledge transfer
Required Qualifications - Bachelor's degree in Computer Science, Information Systems, STEM (Science, Technology, Engineering, and Math), or a related major - 2+ years of experience in audit with a focus on technology and IT risk - Strong understanding of IT general controls (ITGCs) and IT application controls (ITACs), including cybersecurity, Software Development Life Cycle (SDLC), access and change management, logging and monitoring, disaster recovery, and cloud computing - Technical expertise in IT systems including infrastructure, cybersecurity, and familiarity with IT governance frameworks (e.g. NIST, CSF, and COBIT) - Strong analytical and critical thinking skills, with proficiency in analyzing complex data and extracting meaningful insights - Ability to identify root causes of complex issues and recommend appropriate, practical remediation and safeguards - Strong written and verbal communication skills, including interviewing skills and the ability to effectively present audit findings with business partners - Experience conducting a variety of audits, including financial, operational, and IT - Familiarity with AI and data analytics tools (e.g., Claude, NotebookLM, Gemini, SQL, Python, Tableau, or Power BI) to support audit testing and continuous monitoring
Preferred Qualifications - Big 4 public accounting or similar IT audit advisory experience - Active certification or in process of achieving Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) [CISA strongly preferred] - Experience auditing within cloud-based or Software-as-a-Service (SaaS) environments - Awareness of AI governance, ethics, and emerging risks such as model bias, data privacy, and hallucination
What Success Looks Like - Solutions-oriented: Proactive willingness to roll up your sleeves and 'get it done' - Adaptable: Ability and desire to work hands-on in a rapidly evolving, fast-paced environment Collaboration: Strong communication, collaboration, and organizational skills tailored for success in a hybrid work environment