Senior Information Technology Auditor

About The Position

Requirements

• Bachelor’s Degree in Information Systems, Computer Science, Accounting, or a related field
• At least 7 years of experience in IT audit, information security, or technology risk within regulated or high-growth environments
• Strong knowledge of ISO 27001, PCI DSS, SOC 2 Type II, and IT governance frameworks such as COBIT, NIST, and COSO
• Experience auditing cloud platforms like AWS, Azure, or GCP, with a focus on evaluating security and compliance controls
• Familiarity with Business Continuity Planning and Disaster Recovery practices
• Proven ability to lead audits independently, manage executive-level stakeholders, and deliver clear, actionable insights

Nice To Haves

• Preferred certifications such as CISA, CISM, CRISC, or ISO 27001 Lead Auditor, with a detail-oriented and analytical mindset

Responsibilities

• Lead and execute internal and external IT audits, including scoping, fieldwork, reporting, and follow-up, to evaluate the effectiveness of IT controls.
• Conduct risk assessments to identify key technology risks, control gaps, and improvement opportunities across infrastructure, applications, and data systems.
• Evaluate compliance with regulatory frameworks such as ISO 27001, PCI DSS, and SOC 2 Type II, and assess IT general controls, access management, change management, and cloud security.
• Integrate Business Continuity Planning into audits by evaluating disaster recovery and resilience strategies for critical systems and processes.
• Partner with teams across Engineering, Security, Compliance, and Operations to develop and validate remediation plans and recommend control enhancements.
• Prepare clear, actionable audit reports that summarize findings, risk implications, and recommendations for management.
• Strengthen audit practices through data analytics, automation, and continuous monitoring, while staying informed on emerging IT risks and compliance trends.