Senior Auditor, Technology - Global Audit & Enterprise Risk Management

Columbia Sportswear Company•Portland, OR

1d•Hybrid

About The Position

Global Audit & Enterprise Risk Management partners with leaders across the enterprise to protect and enhance company value through world-class risk management, audit, and advisory services. As the Senior Auditor, you will play a critical role in assessing and strengthening Columbia’s cybersecurity and technology risk posture. This role is primarily focused on evaluating cybersecurity risks and controls, delivering independent and objective insights that help the business anticipate and mitigate evolving threats. You will serve as a key resource across cybersecurity audits, control testing, and enterprise risk initiatives, partnering closely with technology teams to support secure innovation across cloud, digital commerce, and emerging technologies.

Requirements

Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or related field; or business degree with significant IT risk experience
4+ years of progressive experience in cybersecurity audit, technology risk, or information security
Strong, hands-on experience evaluating and testing cybersecurity controls and frameworks (NIST, ISO, CIS Controls; not just exposure)
Experience performing cybersecurity audits in complex enterprise environments, including areas such as IAM, cloud security, or data protection
Familiarity with operating systems, databases, cloud platforms, enterprise architecture, and digital commerce risk considerations

Nice To Haves

Relevant certifications such as CISA, CISSP, CISM, CRISC, CEH, or CompTIA Security+

Responsibilities

Perform cybersecurity audits against core frameworks and collaborate with technical teams to deliver clear, actionable findings and recommendations.
Lead cybersecurity-focused risk assessments and contribute to audit planning to proactively identify and mitigate emerging cyber threats across global operations.
Execute audits with a primary focus on cybersecurity, including identity and access management, cloud security, data protection, IT governance, and system development.
Execute deep-dive testing and analysis of cybersecurity and enterprise technology risks, driving mitigation strategies aligned with business objectives.
Assess cybersecurity controls against leading frameworks (NIST CSF, ISO 27001, COBIT, CIS Controls) to ensure resilience and effectiveness.
Stay current on trends in AI, cloud, cybersecurity, and digital commerce risks, supporting safe and secure adoption of innovative technologies.
Deliver clear, concise, and impactful insights to leadership in a timely and effective manner.
Model a culture of accountability, collaboration, quality, and continuous improvement.
Uphold Global Internal Audit Standards and promote a culture of integrity across the organization.

Benefits

401k plan plus a generous company match
medical, dental, vision, life Insurance, disability, flexible spending accounts, health savings account
assortment of voluntary benefit offerings (accident, critical illness, hospital indemnity, and legal services)
EAP + which is free and confidential 24/7/365 counseling services
extensive wellness benefits
employee discounts
generous time off program

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume