Director, IT Audit

About The Position

Requirements

• Strong interpersonal and presentation skills, including the ability to communicate effectively with others at all levels inside and outside the company
• Ability to work independently with minimal supervision
• Expert Excel, Access, Word, Outlook and PowerPoint Skills
• Analytic Skills: Ability to think objectively and interpret meaningful themes from quantitative and qualitative data
• Problem Solving & Decision Quality: Able to use rigorous logic and methods to solve problems with effective solutions
• Relationship Management: Able to build constructive and effective relationships with a broad and diverse group of business partners
• Leadership and performance management skills
• Strong verbal and written communications skills
• Excellent organizational and time management skills
• Possess strong interpersonal skills to deal effectively with a wide variety of people assertively and confidently
• Risk-Based IT Audit Leadership
• Cybersecurity & Technology Risk Expertise
• ERP (SAP) & Automated Controls Knowledge
• Digital Transformation & Program Assurance
• Cloud & Infrastructure Risk Management
• Executive Communication & Influence
• Strategic Business Partnership
• Audit Judgment & Critical Thinking
• Data Analytics & Continuous Auditing
• Leadership & Talent Development
• 12+ years of IT audit, cybersecurity, or technology risk experience
• 8+ years in a leadership or management role
• Experience in public company environments with SOX / JSOX
• Experience auditing ERP environments (SAP preferred)
• Experience with cloud technologies (AWS, Azure, or Google Cloud)
• Experience assessing cybersecurity programs
• Experience working with external audit firms and regulators
• Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field
• One or more of the following required: CISA – Certified Information Systems Auditor CISSP – Certified Information Systems Security Professional CIA – Certified Internal Auditor CISM – Certified Information Security Manager CRISC – Certified in Risk and Information Systems Control

Responsibilities

• Develop and maintain a risk-based IT audit strategy and multi-year technology audit roadmap aligned with enterprise risks and digital transformation initiatives
• Lead development and execution of the annual IT audit plan
• Integrate IT risk insights into the broader enterprise audit plan and risk assessment process
• Provide independent assurance over the organization’s cybersecurity programs
• Provide independent oversight of critical enterprise systems, applications and technology initiatives
• Evaluate governance frameworks and internal controls supporting the responsible use of AI technologies
• Support the enterprise JSOX program through oversight of ITGC and application controls testing
• Modernize the IT audit approach with advanced data analytics, automation, and AI-enabled tools
• Build trusted relationships across the organization including IT leadership, Information Security, Enterprise Risk Management, Legal & Compliance, Finance and external auditors
• Manage relationships with external co-sourcing partnerships
• Develops and implements strategic plans and objectives for the department/sub-function in an effective and innovative fashion
• Understands the business and can put together comprehensive department solutions
• Works with other leaders to establish strategic plans and works towards achieving them
• Provides leadership and direction to managers in their respective division/department
• Sees to department staffing needs (e.g. interviewing, hiring, new hire and ongoing training, annual evaluations, etc.)
• Participates in budget development and monitoring of expenses
• Level of signing authority established by company policy/guidelines