Senior IT Auditor

Role Overview
Reporting to the Senior IT Audit Manager, the IT Auditor is responsible for executing risk‑based IT audits and supporting key technology governance activities across the organization.

Key Responsibilities

• Assist in planning and executing IT audits covering infrastructure, applications, cybersecurity, cloud, and compliance areas.
• Evaluate IT controls for design and operational effectiveness, identifying risks and control gaps.
• Conduct IT SOX testing, including assessments of IT General Controls (ITGCs) and automated controls.
• Support advisory engagements for new system implementations and major technology initiatives.
• Document audit work, analyze technical findings, and develop clear, actionable recommendations.
• Communicate audit results and improvement opportunities to management and relevant stakeholders.
• Monitor remediation efforts and contribute to strengthening the overall IT control environment.

Demonstrate an understanding of IT processes, controls, risk management, and related regulatory and compliance standards and frameworks.
Provide insights and recommendations for the IT and cyber risk assessment process.
Develop and execute IT audit programs to achieve audit objectives by performing audit steps, coordinating audit activity and preparing documentation.

Provide advisory services to management within cybersecurity, operational, compliance, and control domains.

Embrace, promote, and leverage new technology and analytics within audit reviews.

Prepare well-written and timely audit reports and work papers that support the audit conclusions and recommendations.

Participate in meetings with key stakeholders to achieve the audit objectives.

Execute audit assignments, including IT SOX testing.

Assists department management in planning and scheduling audits.

Cooperate with external auditors in support of the external audits.

Travels as necessary to conduct audits.

Read and follow the Underwriters Laboratories Code of Conduct and follow all physical and digital security practices.

Performs other duties as required.

University Degree (Equivalent to a bachelor’s/master's degree) in information systems or a related discipline, plus generally between 5 to 8 years of experience in information technology auditing, or relevant information security or information technology roles.

Professional designation (CISA, CISM, CISSP, etc.) or willingness to pursue certification.

Knowledge of Oracle ERP and cloud systems.

Experience working in a global internal audit function, Big 4, or regional audit firm.

Working knowledge of IT standards or controls frameworks, such as NIST CSF, NIST, GDPR, and/or ISO 27001.

IT SOX experience and familiarity with COSO/COBIT framework.

Experience with data analytics, AI & automation efforts to support risk assessment, planning, audit procedures, and continuous monitoring