IT Audit Project Lead

McMaster-Carr•Chicago, IL

6h•Onsite

About The Position

McMaster-Carr is a leading e-commerce company with over 120 years of experience, providing industrial customers with products to maintain operations and innovate. The company emphasizes an industry-leading e-commerce experience, indispensable product selection, and world-class service, driven by curious and exceptional people. As a member of the IT Audit team, the role involves working closely with teams across the Technology organization to understand custom systems and assess McMaster-Carr’s IT security controls. The internal audit team focuses on creativity and critical thinking, building strong relationships with technology leaders. Given the custom-built and evolving nature of the systems, auditors must apply security principles and professional judgment rather than relying on standardized checklists. This requires a strong foundation in security principles and curiosity to learn and assess the company’s security practices.

Requirements

5+ years of relevant work experience, including at least 3 years in an audit role, with recent experience auditing security controls
A 4-year degree
A certification in audit or cybersecurity
Experience assessing security controls, with working knowledge of topics such as firewalls and network segmentation, incident response management, security configurations, logging and monitoring, backup and recovery practices, and user access management
The ability to engage quickly with unfamiliar technology environments, ask astute questions, and apply audit judgment in settings without rigid policies or standard playbooks
Exceptional communication and analytical skills--able to synthesize technical concepts, explain risk clearly, and connect ideas across different audits and systems

Responsibilities

Conduct audits independently from planning through reporting. Communicate findings and recommendations clearly and focus on helping teams strengthen security and operations. You’ll serve as a risk and controls expert, partnering with Technology leaders to assess the effectiveness of IT security controls that protect the business.
Build trusted partnerships with technology leaders. While you’ll gain exposure to many different teams, you'll frequently work with members of the security, mainframe, and infrastructure teams. By gaining and demonstrating an understanding of their systems and tools, you’ll develop trust with the subject matter experts and enable collaboration that makes deep audit work possible.
Develop deep knowledge of McMaster-Carr's custom-built systems. From McMaster.com to payment processing to internal infrastructure, you’ll devise practical test plans to assess how controls protect the business. You'll work directly with subject matter experts to understand which servers handle sensitive data, how access is controlled, and how encryption is applied at each stage.
Use critical thinking in the application of security frameworks to our technology environment. Whether assessing our security controls holistically or completing the PCI assessment of credit card data flows, we carefully consider our internal context and the intended security goal of the relevant framework to determine whether our processes align with the framework’s guidance.
Help shape a growing IT audit function by influencing audit topics, following curiosity into new areas, and connecting insights across engagements.

Benefits

Total cash compensation generally ranges from $200,000 - $259,000 and includes profit sharing based on company performance.
100% tuition reimbursement
Informal and formal mentorship
Employee resource groups
Medical, dental, pharmacy, and vision plans with no monthly premiums
Inclusive, all-gender benefits
Paid parental leave for all new parents
Adoption and surrogacy assistance
First-time home buyer assistance
Industry-leading company-funded retirement accounts
Paid vacation and personal time