Senior IT Auditor

About The Position

Requirements

• Advanced knowledge of IT infrastructure, applications, cybersecurity, and automated controls
• Strong understanding of SOX, COSO, COBIT, NIST, GxP, GDPR, and other relevant regulatory and governance frameworks
• Strong analytical, critical‑thinking, and problem‑solving skills, with the ability to independently assess risk and propose solutions
• Comfortable working and learning independently and as part of a team
• Excellent interpersonal, communication and writing skills
• Strong organizational abilities, and attention to detail
• Experience with data analytical tools (e.g. Dataiku, Alteryx, etc.)
• Understanding of AI concepts, associated risks (e.g., model governance, data quality, access, ethical use), and internal controls relevant to AI‑enabled processes
• Minimum of 3 - 4 years of progressive experience in IT audit, information security, or technology risk
• Experience auditing and evaluating infrastructure, cybersecurity risks/controls and auditing operating systems

Nice To Haves

• Pharmaceutical, life sciences, or other regulated industry experience strongly preferred
• Big 4 or public accounting experience preferred but not required

Responsibilities

• Planning, executing, and reporting on operational IT audits
• Evaluating risks and controls, including application, infrastructure, cloud, data management, SDLC, change management, and IT operations
• Performing IT SOX control walkthroughs and testing, and preparing related documentation
• Assessing the effectiveness of cybersecurity controls, including identity and access management, vulnerability management, logging and monitoring, incident response, and security governance
• Reviewing controls related to cloud computing (e.g., AWS, Azure), SaaS platforms, data lakes, and analytics environments, including shared responsibility models
• Designing and executing data analytics‑driven audit procedures using tools such as Dataiku or equivalent, to identify anomalies, trends, and control gaps
• Applying automation, continuous auditing techniques, and responsible use of AI, where appropriate, to improve audit efficiency, coverage, and insight, including assessing AI‑enabled business processes and controls
• Managing timely completion of audit tasks, including communication of status to the auditee and the Manager/Director
• Identifying, documenting, and communicating control deficiencies, root causes, technology risks, and opportunities for improvement, providing practical, actionable recommendations aligned with business objectives
• Presenting the results of audit work to Internal Audit Management and auditees, including practical recommendations to address identified risks and/or weaknesses in internal controls as well as opportunities to enhance operational efficiencies
• Preparing clear, concise, and professional audit reports and executive‑level presentations for Internal Audit leadership, management, and key stakeholders

Benefits

• Health and wellness programs (including medical, dental, vision, life, and disability insurance)
• Fitness centers
• 401(k) company match
• Family support benefits
• Equity awards
• Annual bonuses
• Paid time off
• Paid leaves (e.g., military and parental leave)