Internal Auditor - Technology

About The Position

Requirements

• Bachelor's degree in related field
• At least 2 years of IT audit, technology risk, cybersecurity or consulting experience
• Successful track record in facilitating and consulting across teams and managing projects
• Team-oriented; optimistic attitude
• Excellent organizational skills and attention to detail, with the ability to work independently
• Ability to manage multiple or competing priorities
• Implementation and execution skills; critical thinking skills
• Aptitude for establishing working relationships with associates within the department and the business
• Must be passionate about contributing to an organization focused on continuously improving consumer experiences

Nice To Haves

• Certifications such as CISA, CISM, CEH, or CISSP
• Advanced degree preferred

Responsibilities

• Perform IT audit and cybersecurity‑focused consulting engagements, evaluating application, infrastructure, and cloud environments following established audit methodology and within budgeted timeframes.
• Apply professional IT audit concepts, cybersecurity frameworks (e.g., NIST CSF), and established technologies while using standard audit techniques such as control testing, data analysis, and risk assessment.
• Participate in audit planning, providing insights on technology risks, threat vectors, and cyber control design to help shape audit scope, objectives, and testing strategies.
• Attend and conduct walkthroughs with Humana business and technology teams, focusing on system architecture, authentication mechanisms, data flows, and security controls.
• Identify where you design and operate IT general controls and application controls effectively, including access management, change management, logging/monitoring, configuration management, and vulnerability management.
• Identify control weaknesses, cybersecurity vulnerabilities, misconfigurations, and root causes, and prepare clear, actionable draft audit issues that reflect impact, likelihood, and risk alignment.
• Recommend security‑focused improvements and follow through on corrective actions until you verify management remediation plans, ensuring you mitigate risks appropriately.
• Collaborate with internal audit team members to align IT audit coverage with enterprise cyber risk priorities and support overall department and company objectives.
• Develop communication skills to navigate discussions involving security findings, conflict, or risk acceptance decisions.
• Clearly and concisely communicate the results of IT audit and cybersecurity engagements through written reports and presentations to management, translating technical risks into business‑relevant impact.

Benefits

• medical, dental and vision benefits
• 401(k) retirement savings plan
• time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave)
• short-term and long-term disability
• life insurance
• many other opportunities