Internal Auditor II

About The Position

Requirements

• Bachelor’s degree in MIS, IT, Computer Science, Business, Finance, Cybersecurity, or a related field (or equivalent education and experience).
• Minimum 2 years of IT audit, InfoSec/cybersecurity, or IS/IT experience in a public accounting firm or public company, with a focus on security, privacy, ERM, GRC, and controls.
• Experience auditing IT projects, programs, and systems (e.g., SDLC reviews), infrastructure, cybersecurity risks/controls, and operating systems (Oracle experience a plus).
• Familiarity with Cyber Security (including ISO 27001 ISMS audits), data analytics, Robotic Process Automation (RPA), system development/testing, UNIX, Windows, Oracle, SQL, and technology industry practices.
• Strong understanding of internal control concepts and their application to business processes.
• Knowledge of internal auditing standards, COSO, COBIT, and risk assessment practices.
• Excellent verbal and written communication skills for effective presentations to peers and management.
• Ability to see the big picture while maintaining attention to detail.
• Strong interpersonal, organizational, and planning skills, with unquestionable ethics and integrity.
• Ability to manage multiple projects with varying team members.
• Flexibility to work outside standard hours during key business deadlines.
• Duties are performed in a normal office environment while sitting at a desk/computer table
• Duties require the use of a computer, communication by phone, and reading printed material.
• Duties may require travel via car/plane, lifting up to 50lbs, and work outside of standard hours.

Nice To Haves

• Professional certifications preferred: CISA, CISSP; also considered: CIA, CPA, CCSP, CISM.

Responsibilities

• Define audit scope, approach, and project-specific risks for engagements in the annual audit plan; contribute to risk assessments and audit plan development.
• Plan, document, and conduct complex audit assignments, executing all aspects of projects independently or as part of a team, with management oversight.
• Support special audits, advisory projects, and other assignments as needed.
• Stay current on IT and cybersecurity audit practices, regulatory requirements, and risk frameworks (e.g., NIST CSF/RMF, NIST 800-53/FedRAMP, Cloud Shared Responsibility Model, COBIT, ISO/IEC 270xx, PCI-DSS, SOC 2).
• Assess policy compliance, control design, and effectiveness, leveraging best practices and internal control concepts.
• Conduct stakeholder interviews, perform audit fieldwork, and document findings in accordance with department standards.
• Identify and communicate issues, recommendations, and process improvement opportunities; draft clear, concise audit reports for management.
• Collaborate with stakeholders to develop corrective action plans.
• Prepare high-quality materials and periodic reports for the Audit Committee, accurately reflecting audit work performed, outstanding issues, and key findings, in collaboration with Internal Audit Management.
• Drive process improvement within Internal Audit, focusing on methodology, execution, cost savings, and data analytics to enhance risk assessment and audit planning.
• Uphold F5’s Business Code of Ethics and model the Be F5/Lead F5 Behaviors.
• Promptly report any violations of the Code or company policies.
• Adhere to IIA standards and perform other related duties as assigned.

Benefits

• You may also be offered incentive compensation, bonus, restricted stock units, and benefits.
• More details about F5’s benefits can be found at the following link: https://www.f5.com/company/careers/benefits .
• F5 reserves the right to change or terminate any benefit plan without notice.