Internal Audit Manager (Technology)

About The Position

Requirements

• Strong understanding of technology and cybersecurity risk domains, including cloud‑based architectures and modern application environments
• Ability to independently execute complex audits within a defined scope while exercising sound professional judgment
• Demonstrated analytical skills with the ability to connect technical control gaps to broader business, customer, and operational impact
• Intellectual curiosity and willingness to challenge assumptions, ask difficult questions, and explore areas of uncertainty
• Ability to translate complex technical concepts into clear, actionable insights for varied audiences
• Strong written and verbal communication skills, particularly in drafting concise, high‑quality audit reports
• Ability to build trusted relationships with stakeholders while maintaining independence and objectivity
• Strong organizational skills with the ability to manage priorities, deadlines, and competing demands
• High level of integrity, professionalism, and accountability
• Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, Engineering, Business, Accounting, or a related field
• 8+ years of experience in IT audit, technology risk, cybersecurity, or related disciplines within a public accounting firm, public company, or technology‑focused organization (6+ with relevant Master’s degree)
• Experience leading or owning technology audit engagements, including cybersecurity, cloud, infrastructure, or system implementations

Nice To Haves

• Professional certifications preferred: CISA, CISSP
• Other relevant certifications considered: CIA, CPA, CISM, CCSP, CRISC
• Experience in a global technology, SaaS, or cloud‑native environment
• Exposure to DevOps or DevSecOps practices and secure product development
• Familiarity with data analytics, automation, or AI‑enabled audit techniques

Responsibilities

• Own the end‑to‑end execution of assigned technology and cybersecurity audit engagements, from detailed planning through fieldwork, reporting, and issue follow‑up
• Lead risk‑based audit scoping and develop audit workplans and testing strategies aligned to key risks, system architecture, and business context
• Assess the design and operating effectiveness of controls across complex technology domains, including: Cloud infrastructure and platforms, Cybersecurity programs and controls, Identity and access management, Network and application security, Logging, monitoring, and incident response, Secure software development lifecycle (SDLC)
• Apply professional skepticism and technical judgment to move beyond standard audit procedures, identifying root causes, control gaps, and emerging or non‑obvious risks
• Conduct deep‑dive interviews and walkthroughs with engineering, security, and platform teams to understand how systems operate in practice and where risk trade‑offs exist
• Clearly articulate audit observations, including risk implications and practical, prioritized recommendations that support both security and business objectives
• Prepare high‑quality audit reports that synthesize detailed findings into clear, relevant insights for technical and non‑technical audiences
• Partner with Technology and Cybersecurity leadership during audit execution to validate understanding, discuss risk exposure, and support effective remediation planning
• Provide guidance, coaching, and review support to junior auditors, ensuring work quality, accuracy, and adherence to Internal Audit standards
• Stay current on emerging technology trends, cybersecurity threats, and evolving risk landscapes to continuously enhance audit coverage
• Contribute to the evolution and continuous improvement of Internal Audit methodologies, tools, and ways of working

Benefits

• Incentive compensation
• Bonus
• Restricted stock units
• Benefits