Responsibilities
- Lead, manage, and develop a team of approximately seven technology auditors (set expectations, coach/feedback, performance reviews, support career development).
- Provide senior-level oversight and technical judgment for global technology audit engagements (cybersecurity, infrastructure, cloud platforms, data/analytics, identity and access management, emerging technologies).
- Review and challenge technology risk assessments, audit scope, and conclusions (focus on control design, sustainability, and risk impact).
- Escalate complex/judgment-intensive technology risk issues; support Directors with risk ratings, issue framing, and management messaging.
- Ensure consistency and quality in identification, assessment, and reporting of technology risks.
- Coach and develop Lead/Senior auditors to strengthen risk-based thinking and technical judgment.
- Contribute to technology audit methodologies, guidance, and playbooks (with focus on cybersecurity and data-related risk).
- Identify emerging technology/cyber risk trends and advise on audit coverage, skills, and resourcing.
- Support integration of technology audits with financial and compliance audits, as appropriate.
- Collaborate on external audit coordination, co-sourcing, and talent sourcing.
Qualifications
- Bachelorβs degree in IT/CS/Engineering/Business/Accounting or related field; advanced degree desirable.
- 8+ years relevant experience in technology audit/risk management, cybersecurity, cloud architecture, data platforms (internal audit/consulting/industry).
- People-management experience (coaching, performance management, development).
- Strong judgment-based, risk-focused technology/cyber risk assessment.
- Solid understanding of technology control design.
- Experience across cybersecurity, cloud infrastructure, IAM, data platforms, third-party technology risk, and system dev/change processes.
- Ability to communicate complex risks to non-technical/executive stakeholders.
- Ability to mentor auditors into risk-based thinking and judgment.
- Familiarity with COBIT, NIST, ISO, and cloud shared responsibility models; apply pragmatically.
- Certifications (CISA, CISSP, CRISC, or relevant cloud/security) desirable but not required.
Benefits
- Paid time off (vacation, holidays, sick), medical/dental/vision insurance, and 401(k) to eligible employees.
- Eligible for short-term incentive programs.