Senior IT Auditor

We are seeking an experienced Senior IT Auditor with active CISSP and CISA certifications to lead complex IT general controls (ITGC), application, infrastructure, and emerging technology audits. This role combines deep technical expertise with risk-based auditing to assess the design and operating effectiveness of controls across cloud platforms, cybersecurity programs, data governance, and third-party ecosystems. The ideal candidate thrives in dynamic environments, communicates findings to executive leadership, and drives remediation in partnership with IT, security, and business stakeholders. Key ResponsibilitiesLead end-to-end IT audits including planning, scoping, fieldwork, testing (design & operating effectiveness), and reporting for SOX 404, SOC 2, ISO 27001, NIST, and internal risk-based audits.Evaluate ITGCs across ERP systems (SAP, Oracle, NetSuite), cloud environments (AWS, Azure, GCP), Active Directory, databases, and network infrastructure.Perform integrated audits combining financial, operational, and IT controls with cross-functional audit teams.Assess cybersecurity controls (identity/access management, encryption, vulnerability management, incident response, zero trust architecture).Conduct third-party risk assessments and review vendor SOC reports, contracts, and SLA compliance.Identify control gaps, quantify risk, and draft actionable, prioritized recommendations.Present audit findings and remediation plans to C-suite, Audit Committee, and Board-level stakeholders.Mentor junior auditors and co-source resources; review workpapers for quality and completeness.Stay ahead of emerging risks: AI/ML governance, quantum computing threats, ransomware frameworks, and GenAI security.Support data analytics in audits using tools like ACL, IDEA, Power BI, or Python/SQL for continuous auditing.