Senior IT Auditor

Humana

6d•Remote

About The Position

The Internal Audit Consulting Group drives the achievement of Humana’s strategic and financial objectives. The Senior Internal Auditor provides value-added service by evaluating the efficiency and effectiveness of Humana’s operational processes. Job Description As a Senior IT Audit Professional, you will play a critical role in assessing and strengthening Humana's cybersecurity, technology governance, and emerging technology risks. You will operate within a large, diverse, and technically challenging enterprise environment, evaluating complex systems, distributed architectures, and rapidly evolving technologies while helping ensure that controls are designed effectively, operating as intended, and aligned with Humana's policy and strategic objectives. In this role: Perform IT audit and cybersecurity-focused consulting engagements, evaluating application, infrastructure, and cloud environments following established audit methodology and within budgeted timeframes. Execute IT audit procedures, including planning, walkthroughs, control testing, data analysis, and documentation of results in complex environments requiring significant technical judgment. Apply professional IT audit concepts, cybersecurity frameworks (e.g., NIST CSF), and established technologies while consistently using standard audit techniques such as control testing, data analysis, and risk assessment. Review, analyze, and interpret IT, security, and operational data to identify control gaps, technology risks, and vulnerabilities within Humana's governance, risk, and control environment with a primary focus on cybersecurity and technology operations. Audit and evaluate cybersecurity controls across a large and intricate technology landscape, spanning cloud platforms, identity and access management systems, distributed infrastructure, network architectures, and enterprise applications. Assess emerging risks, including those related to AI/ML technologies, cloud transformation, identity modernization, data governance, and evolving threat vectors. Identify control weaknesses, cybersecurity vulnerabilities, misconfigurations, and root causes, and prepare clear, actionable draft audit issues that reflect impact, likelihood, and risk alignment. Ensure risks are mitigated by recommending security-focused improvements. Clearly and concisely communicate the results of IT audit and cybersecurity engagements through written reports and presentations to management, translating technical risks into business relevant impact. Prepare and communicate clear, concise, and risk-focused audit reports and recommendations for management, translating deep technical issues into business relevant insights. You will leverage AI and automation tools to improve audit risk assessment, testing and document process improvements for department-wide adoption. Use your skills to make an impact In this role, you will: Perform IT audit and cybersecurity-focused consulting engagements, evaluating application, infrastructure, and cloud environments following established audit methodology and within budgeted timeframes. Execute IT audit procedures, including planning, walkthroughs, control testing, data analysis, and documentation of results in complex environments requiring significant technical judgment. Apply professional IT audit concepts, cybersecurity frameworks (e.g., NIST CSF), and established technologies while consistently using standard audit techniques such as control testing, data analysis, and risk assessment. Review, analyze, and interpret IT, security, and operational data to identify control gaps, technology risks, and vulnerabilities within Humana's governance, risk, and control environment with a primary focus on cybersecurity and technology operations. Audit and evaluate cybersecurity controls across a large and intricate technology landscape, spanning cloud platforms, identity and access management systems, distributed infrastructure, network architectures, and enterprise applications. Assess emerging risks, including those related to AI/ML technologies, cloud transformation, identity modernization, data governance, and evolving threat vectors. Identify control weaknesses, cybersecurity vulnerabilities, misconfigurations, and root causes, and prepare clear, actionable draft audit issues that reflect impact, likelihood, and risk alignment. Ensure risks are mitigated by recommending security-focused improvements. Clearly and concisely communicate the results of IT audit and cybersecurity engagements through written reports and presentations to management, translating technical risks into business relevant impact. Prepare and communicate clear, concise, and risk-focused audit reports and recommendations for management, translating deep technical issues into business relevant insights. You will leverage AI and automation tools to improve audit risk assessment, testing and document process improvements for department-wide adoption.

Requirements

Bachelor's degree in computer science, Information Systems, or related field.
At least 3 years of IT risk audit or consulting experience, or IT experience focusing on systems operations, software development, cybersecurity, cloud, AI, or infrastructure.
IT risk or assurance audit experience required
Foundational knowledge of AI concepts, risks, and controls, including understanding how AI/ML models impact data integrity, security, and governance.
Ability to evaluate AI-enabled systems, including assessing algorithmic transparency, data quality, model monitoring, and emerging AI cybersecurity risks enabled systems, including assessing algorithmic transparency, data quality, model monitoring, and emerging AI cybersecurity risks.
Successful track record in facilitating and consulting across teams and managing projects.
Excellent organizational skills and attention to detail.
Must be team-oriented and maintain‑oriented and maintain an optimistic, collaborative attitude.
Must demonstrate the ability to manage multiple or competing priorities effectively.
Must exhibit excellent communication skills, both oral and written.
The candidate must possess strong implementation and execution capabilities, along with well-developed critical thinking skills.
The candidate must have an aptitude for building effective working relationships with associates across the department and the broader business.
Must be passionate about contributing to an organization focused on continuously improving consumer experiences.
You will be asked to be a self-starter with the ability to work independently and with minimal supervision.

Nice To Haves

Certification relative to IT audit such as CISA, CISM, or CISSP are preferred.
A certification is required for promotion to leadership.

Responsibilities

Perform IT audit and cybersecurity-focused consulting engagements, evaluating application, infrastructure, and cloud environments following established audit methodology and within budgeted timeframes.
Execute IT audit procedures, including planning, walkthroughs, control testing, data analysis, and documentation of results in complex environments requiring significant technical judgment.
Apply professional IT audit concepts, cybersecurity frameworks (e.g. NIST CSF), and established technologies while consistently using standard audit techniques such as control testing, data analysis, and risk assessment.
Review, analyze, and interpret IT, security, and operational data to identify control gaps, technology risks, and vulnerabilities within Humana's governance, risk, and control environment with a primary focus on cybersecurity and technology operations.
Audit and evaluate cybersecurity controls across a large and intricate technology landscape, spanning cloud platforms, identity and access management systems, distributed infrastructure, network architectures, and enterprise applications.
Assess emerging risks, including those related to AI/ML technologies, cloud transformation, identity modernization, data governance, and evolving threat vectors.
Identify control weaknesses, cybersecurity vulnerabilities, misconfigurations, and root causes, and prepare clear, actionable draft audit issues that reflect impact, likelihood, and risk alignment.
Ensure risks are mitigated by recommending security-focused improvements.
Clearly and concisely communicate the results of IT audit and cybersecurity engagements through written reports and presentations to management, translating technical risks into business relevant impact.
Prepare and communicate clear, concise, and risk-focused audit reports and recommendations for management, translating deep technical issues into business relevant insights.
Leverage AI and automation tools to improve audit risk assessment, testing and document process improvements for department-wide adoption.

Benefits

Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume