IT Audit Project Lead
About The Position
McMaster-Carr is a leading e-commerce company with over 120 years of trust from industrial customers, providing products for manufacturing, operations, and prototyping. The company is known for its industry-leading e-commerce experience, extensive product selection, and world-class service, attracting hundreds of thousands of customers daily. As a member of the IT Audit team, this role involves working closely with various teams within the Technology organization to understand custom systems and evaluate McMaster-Carr’s IT security controls. The internal audit team emphasizes creativity and critical thinking, fostering strong relationships with technology leaders. Given that most systems are custom-built and constantly evolving, auditors must apply security principles and professional judgment rather than relying on standardized checklists. This bespoke environment necessitates a strong foundation in security principles and a curious approach to assessing the company’s security practices.
Requirements
- 5+ years of relevant work experience, including at least 3 years in an audit role, with recent experience auditing security controls.
- A 4-year degree.
- A certification in audit or cybersecurity.
- Experience assessing security controls, with working knowledge of topics such as firewalls and network segmentation, incident response management, security configurations, logging and monitoring, backup and recovery practices, and user access management.
- The ability to engage quickly with unfamiliar technology environments, ask astute questions, and apply audit judgment in settings without rigid policies or standard playbooks.
- Exceptional communication and analytical skills--able to synthesize technical concepts, explain risk clearly, and connect ideas across different audits and systems.
Responsibilities
- Conduct audits independently from planning through reporting.
- Communicate findings and recommendations clearly and focus on helping teams strengthen security and operations.
- Serve as a risk and controls expert, partnering with Technology leaders to assess the effectiveness of IT security controls that protect the business.
- Build trusted partnerships with technology leaders, including members of the security, mainframe, and infrastructure teams.
- Develop deep knowledge of McMaster-Carr's custom-built systems, from McMaster.com to payment processing to internal infrastructure.
- Devise practical test plans to assess how controls protect the business.
- Work directly with subject matter experts to understand which servers handle sensitive data, how access is controlled, and how encryption is applied at each stage.
- Use critical thinking in the application of security frameworks to the technology environment, considering internal context and security goals.
- Help shape a growing IT audit function by influencing audit topics, following curiosity into new areas, and connecting insights across engagements.
Benefits
- Total cash compensation generally ranges from $200,000 - $259,000 and includes profit sharing based on company performance.
- 100% tuition reimbursement
- Informal and formal mentorship
- Employee resource groups
- Medical, dental, pharmacy, and vision plans with no monthly premiums
- Inclusive, all-gender benefits
- Paid parental leave for all new parents
- Adoption and surrogacy assistance
- First-time home buyer assistance
- Industry-leading company-funded retirement accounts
- Paid vacation and personal time
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
