10870 - Technology Audit Manager - Integrated Risk Management "IRM"

About The Position

Requirements

• 10+ years of experience in technology audit coordination, Technology Risk, GRC, IT Audit, or Compliance.
• Hands-on experience supporting internal and/or external audits in a technology or security environment.
• Proven ability to manage complex, cross-functional stakeholder environments.
• Familiarity with GRC platforms.
• Bachelor’s degree in Cybersecurity, Information Technology, Computer science or a related field.
• Strong understanding of audit lifecycles, control testing, and issue management with strong knowledge of technology control frameworks (e.g., NIST CSF/800-53, ISO 27001, CIS).
• Exceptional organizational, tracking, and communication skills.
• Excellent stakeholder management and communication skills.
• Proficient in English for effective communication and coordination.

Nice To Haves

• Audit or assessment leadership experience working within a CISO organization or large enterprise technology environment.
• 7+yrs experience in a top tier professional services firm, leading and delivering technology audit and/or risk management engagements.
• Masters degree in Cybersecurity, Information Technology, Computer Science or a related discipline is preferred.
• Industry-recognized credentials such as CISSP, CISM, CRISC, or CIA are highly desirable.
• Bi-lingual in English and Korean language proficiency is preferred to support global coordination and communication.

Responsibilities

• Audit Planning & Intake Serve as the single point of coordination for all internal and external security related audits.
• Facilitate audit intake, ensuring audits are: Clearly scoped Appropriately prioritized Aligned with business, regulatory, and risk objectives
• Identify and confirm audit stakeholders, control owners, and subject matter experts across the environment.
• Partner with relevant stakeholders to ensure agreement and understanding of audit scope, objectives, timelines, and dependencies.
• Audit Execution & Coordination Coordinate audit activities across all phases, including: Planning Fieldwork Evidence collection Issue validation Reporting
• Ensure audits are properly staffed, with clear accountability for evidence production and responses.
• Track audit requests, evidence submissions, and auditor inquiries to ensure timely and complete responses.
• Proactively manage risks, bottlenecks, and dependencies that may impact audit timelines or quality.
• Stakeholder Engagement & Communication Drive continuous stakeholder engagement throughout the audit lifecycle.
• Ensure all stakeholders: Understand audit scope and expectations Are informed of progress, risks, and upcoming milestones Receive timely communication on changes or escalations
• Facilitate status updates, checkpoints, and working sessions with auditors and internal teams.
• Act as a trusted liaison between auditors and the Security organization, balancing transparency with control.
• Findings Management & Risk Integration Coordinate the intake, review, and validation of audit findings.
• Ensure audit findings are: Clearly understood and accurately documented Mapped to relevant controls, policies, and standards Integrated into Risk Issue Management processes
• Partner with Risk Operations to ensure: Findings are appropriately risk-rated Remediation plans are defined, owned, and tracked Closure evidence meets audit and risk standards
• Governance, Reporting & Continuous Improvement Maintain centralized audit tracking and documentation, ensuring audit readiness and traceability.
• Produce audit status reporting for the Senior Leadership, Customers, and relevant governance forums.
• Identify trends, recurring issues, and systemic control gaps across audits.
• Recommend process improvements to reduce audit friction and improve audit outcomes over time.