Director, IT Audit

About The Position

Requirements

• Bachelor’s degree in Information Systems, Computer Science, Accounting, Cybersecurity, or related field
• A minimum of 10 years of progressive experience in IT audit, IT risk management, cybersecurity, or information systems controls
• A minimum of 5 years of leadership experience managing audit teams or enterprise-level audit programs
• Hands-on experience auditing enterprise IT environments, including cloud platforms, core applications, and infrastructure
• Strong knowledge of COSO, NIST, COBIT, and internal audit methodologies (IIA GIAS)
• Demonstrated experience engaging with executive leadership
• Deep expertise in IT controls, including logical access, change management, security, IT operations, data privacy, application development, and governance
• Proven ability to analyze complex data, identify root causes, and deliver practical, risk-based recommendations
• Exceptional written and verbal communication skills, with the ability to deliver clear, actionable audit reports
• Strategic thinker with a strong risk-oriented mindset
• Effective people leader with the ability to inspire and develop talent
• Advanced analytical, critical thinking, and problem-solving capabilities
• Confident executive communicator and trusted influencer
• Resilient leader able to manage multiple priorities in a fast-paced environment

Nice To Haves

• Master’s degree or MBA
• Professional certifications such as CIA, CISA, CISSP, CISM
• Project or agile certifications (PMP, PMI-ACP, SAFe®, CSM, etc.)

Responsibilities

• Lead complex IT audits across cybersecurity, cloud, data governance, applications, and infrastructure
• Ensure audits are executed in accordance with IIA Standards, ISACA guidelines, and the IAAS methodology
• Evaluate IT governance frameworks and alignment with COBIT, NIST, and related standards
• Assess cybersecurity programs, including identity and access management, incident response, data protection, and security operations
• Incorporate emerging technology risks into audit planning and execution
• Present audit findings, risk assessments, and recommendations to senior leadership
• Validate remediation efforts and monitor management action plans
• Provide advisory support for system implementations, digital transformations, and major IT initiatives
• Lead, coach, and develop teams of IT auditors, interns, and external contractors
• Manage relationships with external audit partners and third-party service providers
• Oversee all phases of audit engagements—from planning through reporting—ensuring quality, consistency, and adherence to professional standards
• Ensure audit workpapers and documentation support external re-performance and regulatory scrutiny
• Develop strong working relationships with senior IT leaders, executives, and key stakeholders
• Represent IAAS in board, committee, and leadership forums as needed
• Maintain awareness of evolving regulatory, industry, and technology trends and their impact on the control environment
• Serve as a trusted, objective advisor, providing practical assurance and insights into the management of critical technology risks