IT Audit Manager (Open to Remote)

About The Position

Requirements

• Bachelor’s Degree in Management Information Systems, Computer Science, Accounting, Business or equivalent combination of related work experience and education
• One or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or Certified Information Security Manager (CISM)
• 5+ years of internal/external IT audit, or equivalent, experience
• Strong proficiency in risk‑based IT auditing; cloud security principles; identity and access management; data protection; vulnerability and patch management; monitoring and logging practices; DevSecOps and Secure SDLC concepts; and the application of IT control frameworks such as NIST, ISO 27001, COBIT, and the CSA CCM.
• Experience with SOX ITGC is beneficial.
• Comfortable with audit management platforms such as AuditBoard or similar tools, enterprise platforms such as ServiceNow, analytics platforms such as Power BI, and productivity tools included in Microsoft 365.
• Excels at distilling complex technical topics into clear, executive‑level communication; influencing stakeholders without direct authority; and managing multiple engagements while ensuring quality, consistency, and timely delivery.
• Demonstrates strong people‑leadership and collaboration skills, including the ability to coach and guide audit staff, build productive cross‑functional relationships, and foster trust with technical and business partners.
• Able to work independently with sound judgment, navigate ambiguity with confidence, and contribute positively to team culture through clear communication, professionalism, and constructive problem‑solving.

Nice To Haves

• Advanced degree in Management Information Systems, Accounting, Finance or equivalent
• Certified Public Accountant (CPA), Certified Internal Auditor (CIA), cloud‑security credentials such as CCSK or CCSP
• Extensive knowledge of global cyber security regulations
• Prior experience in a professional services firm
• Experience using agile concepts for auditing and project management
• Prior reinsurance or insurance audit experience
• Experience auditing Active Directory, Windows Server, Linux, Jenkins, Github, Splunk, Varonis, Snowflake, Alteryx, PeopleSoft, Workday, Oracle/SQL Server database
• Experience auditing cloud computing environments (e.g. Amazon Web Services (AWS), Microsoft Azure)

Responsibilities

• Leads planning, scoping, and execution of complex IT audits, ensuring quality, budget discipline, timely delivery, and effective stakeholder engagement.
• Identifies risks, develops audit programs, resolves delivery obstacles, and guides teams through resolution of issues.
• Evaluates alignment with IT governance processes, enterprise architecture, technology strategy, and global regulatory requirements.
• Leads audits across key domains, including identity and access management, cloud security and operations (e.g. AWS, Azure), data protection, vulnerability management, change management, logging and monitoring, incident response, operational resilience, and third‑party/vendor oversight, ensuring comprehensive coverage of enterprise technology risks.
• Conducts risk-based audits in accordance with the Global Audit Charter and IIA Standards, with control testing aligned with relevant frameworks such as NIST, ISO 27001, COBIT, and the CSA Cloud Controls Matrix, as appropriate.
• Works in close partnership with the Global Security Office, Risk, Compliance, and co-sourced audit partners to coordinate audit objectives, reduce redundant efforts, and develop integrated risk insights that inform enterprise decision-making.
• Drafts comprehensive and concise audit reports, prepares executive-level communications, assists in the creation of materials for senior IT leadership and the Audit Committee, and oversees and verifies management's remediation activities through completion.
• Enhances audit effectiveness by incorporating data analytics, automation, and, when appropriate, AI‑enabled techniques to expand coverage, improve testing precision, and maintain strong evidence discipline.
• Provides coaching and professional development to audit staff, reviews workpapers and deliverables to ensure adequacy and clarity, and establishes clear expectations for high-quality communication, stakeholder engagement, and disciplined execution.

Benefits

• Gain valuable knowledge from and experience with diverse, caring colleagues around the world.
• Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.
• Join the bright and creative minds of RGA, and experience vast, endless career potential.