IT Lead Auditor, Internal Audit

AES•Salt Lake City, UT

22h

About The Position

This position leads and delivers complex, cross-functional information technology audits and advisory reviews across AES. The IT Lead Auditor owns assigned components of the IT audit plan, drives risk-based scoping and execution, and formulates practical recommendations to improve control design and operating effectiveness, within IT processes and systems. The role serves as an engagement lead, ensuring high-quality documentation and compliance with Internal Audit standards, and acting as a trusted advisor to IT leadership.

Requirements

5-7 years of experience with IT internal audit or Information Technology
CISA certification required.
Strong knowledge of ITGC concepts, system implementation risks/controls, SDLC/ERP environments, and IT governance.
Experience auditing large-scale system implementations (e.g., ERP, cloud migrations, data platforms) across multiple regions or business units.
Strong project management and prioritization skills with the ability to manage multiple concurrent requests.
Excellent analytical, writing, and communication skills, including ability to present clearly to senior stakeholders.

Nice To Haves

CISSP and/or CIA considered a plus.
Proven ability to lead audit engagements and coach team members; demonstrated experience reviewing workpapers and driving consistent audit quality.

Responsibilities

Act as engagement lead for audit and advisory projects, providing day-to-day oversight of execution, including planning resourcing, scoping, coaching team members, and preparing and/or reviewing workpapers and deliverables for quality and consistency.
Lead and oversee audits of IT General Controls (ITGCs) and major system implementations, including pre and post implementation reviews, access management, change management, IT operations, interfaces, system and project governance, SDLC, application controls, data conversion, and go-live readiness.
Partner with regional and corporate IT leadership to identify areas of high or emerging risk and provide independent challenge and advisory support.
Provide advisory support to the CSA process, including guidance on IT control design, risk coverage, testing approaches, and consistency with IA standards.
Lead the preparation, review, and presentation of executive-ready audit reports expressing conclusions on control adequacy/effectiveness, root cause, and risk impact.
Track, validate, and monitor remediation of IT control deficiencies, escalating overdue or high-risk items and supporting sustainable closure.
Contribute to Internal Audit Digital Transformation efforts (GenAI and Data Analytics), including leveraging automation/analytics to expand coverage and improve audit efficiency.
Promote compliance with IIA Standards and Internal Audit methodology, ensuring evidence sufficiency, proper review, and consistent documentation across engagements.
Provide IT best-practice recommendations based on audit results and lessons learned from system implementations and ITGC reviews.
Coordinate with external auditors as needed, providing timely responses, clarifications, and supporting evidence for questions or findings arising from Internal Audit reports.