Manager, IT Audit

About The Position

Requirements

• 6+ years in internal audit or IT audit, with progressive leadership experience and deep knowledge of internal controls, information security, and SOX. Experience in life sciences industries preferred.
• Bachelor’s or Master’s degree in information systems, computer science, accounting, or related field required.
• Experience in Big 4 public accounting or large corporate internal audit environments preferred.
• At least one professional certification (CISA, CISSP, CIA, CPA, etc.).
• Proven experience executing audits under internal control frameworks, audit standards, and compliance frameworks (SOX, COSO, GAAP, IIA, ISACA, COBIT, ISO 27001, NIST, CMMC).
• Strong project management and communication abilities.
• Experience managing and leading teams.
• Experience with testing controls for enterprise SaaS vendors (e.g., NetSuite, Workday, ADP, Salesforce, Snowflake).
• Demonstrated ability to audit IT applications, databases, operating systems, network systems, and cloud infrastructure.
• Experience auditing segregation of duties (SOD), ITGCs, ITACs, system development lifecycle controls, and evaluating completeness and accuracy.
• Proficiency with data analytics tools (Power BI, Tableau, Alteryx), audit management tools (Auditboard), and Microsoft Office suite.
• Strong commitment to professional judgment, integrity, confidentiality, and ability to maintain objectivity and independence.
• Strong leadership, analytical, and problem-solving skills.
• Ability to present ideas and provide practical, operational advice in business-friendly language.
• High attention to detail, initiative, self-motivation, and ability to manage multiple projects and teams.

Nice To Haves

• Experience in life sciences industries preferred.
• Experience in Big 4 public accounting or large corporate internal audit environments preferred.

Responsibilities

• Independently manage the SOX IT controls testing program, including planning, scheduling, execution of walkthroughs and testing, evidence collection, deficiency assessment, and remediation tracking.
• Perform comprehensive risk assessments to identify areas of audit focus and potential weaknesses in internal controls with the support of the broader internal audit team.
• Lead, mentor, and manage direct reports, providing guidance, feedback, and professional development opportunities.
• Develop audit testing attributes, audit procedures, and scope audit activities to address key risks and control objectives.
• Oversee the preparation and perform the review of audit workpapers, narratives, and flowcharts, ensuring documentation is well-supported and includes an evaluation of operational efficiency, control effectiveness, and policy compliance.
• Prepare comprehensive audit reports and project updates, communicate results effectively in writing and verbally, and ensure clarity and context for diverse audiences, including senior management and external partners.
• Build and maintain trusted relationships with internal and external partners, including IT, Finance & Accounting, GRC, and external auditors, to coordinate SOX testing, remediation, and broader security initiatives.
• Lead or support special projects related to security initiatives, investigations, risk management, and process improvements.
• Identify and develop opportunities for AI, automation, or data analytics to enhance audit procedures and outcomes.
• Ensure accurate and current documentation in risk and control matrices, deficiency logs, and audit management systems.