senior internal auditor, IT Audit

About The Position

Requirements

• 4 years of progressive experience in IT Audit, IT Risk Management, or Technology compliance
• Demonstrated knowledge of internal IT controls, risks, environments, and test procedures
• Ability to independently execute audit tests and evaluations with high efficiency and quality
• Hands‑on experience performing IT General Controls and SOX 404 IT audit work in a public company or large corporate environment.
• Ability to communicate clearly and concisely, with experience presenting audit conclusions to management
• Bachelor’s degree in Accounting, Management Information Systems (MIS), Information Systems, Computer Science, Information Technology, or related field
• Ability to perform risk assessments, design and execute risk-based audit programs, evaluate control design and operating effectiveness
• Deep understanding of IT General Controls (ITGC), Application controls, SDLC and change management processes, Information security concepts (IAM, encryption, vulnerability management, networks)
• Familiarity with leading IT frameworks and standards such as NIST 800-53, ISO 27001, SOC 1 / SOC 2
• Experience supporting and coordinating with external auditors
• Strong attention to detail and accuracy while working under tight deadlines
• Comfort interacting with IT Engineering, Cybersecurity teams, Product teams, and External auditors
• Capability to translate technical concepts into clear, business‑focused risk discussions

Nice To Haves

• Experience in public accounting (Big-4 or national firm) or Internal Audit functions in Fortune 500, large multinational firms with complex technology environments
• Professional certifications (CISA strongly preferred); CISA, ISO 27001 Lead Auditor, CISSP, CIA, CISM
• Previous experience auditing Cloud platforms (AWS, Azure, GCP), SaaS ecosystems, or product‑driven tech stacks
• Proficiency in data analysis tools
• Familiarity with Generative AI techniques to drive efficiencies in audit execution

Responsibilities

• With the support of an Audit Project Lead, perform end‑to‑end IT audit assessments, including test planning, scoping, fieldwork, and reporting
• Independently conduct audit walkthroughs, document business processes and procedures, analyze audit evidence, and identify deficiencies
• Assess the design and operating effectiveness of application, infrastructure, and security controls across complex on‑premise and cloud environments
• Evaluate technology risks related to cybersecurity, system implementations, software development lifecycle controls (SDLC), data privacy, and third‑party risks
• Support and execute SOX 404 IT control testing, including coordination with external auditors and management, and SOX 302 IT procedures
• Translate, in common English, key internal and external IT risks, deficiencies, and trends
• Support creation of audit reports and closing meeting materials and assist with project wrap-up
• Follow up on issue remediation progress, including validating remediation details
• Coordinate and communicate engagement and initiative status

Benefits

• medical
• dental
• vision
• basic and supplemental life insurance
• other voluntary insurance benefits
• short-term and long-term disability
• paid parental leave
• family expansion reimbursement
• paid vacation from date of hire
• sick time (accrued at 1 hour for every 25 hours worked)
• eight paid holidays
• two personal days per year
• 401(k) retirement plan with employer match
• discounted company stock program (S.I.P.)
• Starbucks equity program (Bean Stock)
• incentivized emergency savings
• financial well-being tools
• 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan
• student loan management resources
• access to other educational opportunities
• backup care
• DACA reimbursement