Senior IT Auditor Specialist

About The Position

Requirements

• Minimum of 10 years of progressive experience in IT audit, technology risk, or internal controls, preferably within asset management, financial services, or investment management.
• Bachelor’s degree in Information Systems, Accounting, Finance, Computer Science, or a related field.
• Strong knowledge of IT general controls (ITGCs), application controls, SDLC, change management, access controls, and infrastructure controls across on‑prem and cloud environments.
• Deep or expert knowledge in auditing systems and processes supporting investment operations, portfolio management, trading, valuation, fund accounting, and financial reporting.
• Proven ability to assess risks associated with emerging technologies, including cloud platforms (AWS/Azure), data analytics, automation, and third‑party/vendor risk.
• Professional certification(s) required or strongly preferred (e.g., CISA, CIA, CISSP), with commitment to ongoing continuing education.
• Hands-on familiarity with regulatory and compliance frameworks relevant to asset management (e.g., SOX, SOC 1/2, SEC regulations, NIST, COBIT, ISO 27001).
• Excellent written and verbal communication, presentation, and time management skills, with the ability to thrive in a fast-paced environment and consistently deliver results to senior management and key stakeholders.
• Strong project management, analytical, and judgment skills, with the ability to work independently, prioritize competing deadlines, and lead audit engagements end‑to-

Nice To Haves

• Master's degree in business administration or a related field, or equivalent experience.
• Prior experience auditing asset management, investment management, private equity, or wealth management environments.
• Exposure to front‑, middle‑, and back‑office systems (e.g., OMS, PMS, trading platforms, fund accounting, risk, valuation).
• Experience supporting SOX, SOC 1/SOC 2 reliance, or regulatory examinations (e.g., SEC, FINRA) within a financial services environment.
• Proficiency in data/predictive analytics, continuous auditing techniques, audit automation or visualization tools (e.g., ACL, Python, Power BI, SQL).
• Experience evaluating cybersecurity, cloud security, or technology risk management programs in mature control environments.
• Background in public accounting, internal audit, or consulting (Big 4 or comparable), with demonstrated ability to manage stakeholders and complex audits.

Responsibilities

• Conduct comprehensive risk‑based IT audits covering IT general controls, application controls, infrastructure, cybersecurity, and technology processes supporting investment and fund operations.
• Assess design and operating effectiveness of controls across systems supporting front-, middle-, and back-office operations.
• Evaluate technology risks related to cloud platforms, data management, automation, and third‑party/vendor relationships, and provide pragmatic recommendations.
• Develop detailed audit work programs, perform walkthroughs, test controls, and clearly document audit results in accordance with IIA standards.
• Communicate audit findings, risk implications, and recommendations to senior management in a clear, concise, and actionable manner.
• Monitor and track remediation of audit issues, validating corrective actions and reporting status to leadership as appropriate.
• Collaborate with business, technology, risk, compliance, and external stakeholders within a highly matrixed organization.
• Contribute to continuous improvement of the IT audit methodology, tools, and use of data analytics or automation where appropriate.
• Collaborate closely with senior leaders across Allspring to develop and implement effective company control strategies.
• Build professional and credible relationships with various functional areas within the business.