Manager, IT Audit

The Position:

The Manager, IT Audit is a leader within the Internal Audit team, responsible for planning, overseeing, executing, and reporting on IT audits, control assessments, and risk reviews across technology domains, including SOX and operational audits. This role provides independent, objective assurance and advisory services over IT General Controls (ITGCs), application controls, cybersecurity, cloud platforms, data governance, and emerging technology risks, helping Veracyte strengthen its control environment and manage IT risk. This role will focus on building strong relationships with internal stakeholders and external audit and has a forward-thinking approach to audit innovation.

Key Responsibilities

• Independently manage the SOX IT controls testing program, including planning, scheduling, execution of walkthroughs and testing, evidence collection,  deficiency assessment, and remediation tracking.
• Perform comprehensive risk assessments to identify areas of audit focus and potential weaknesses in internal controls with the support of the broader internal audit team.
• Lead, mentor, and manage direct reports, providing guidance, feedback, and professional development opportunities.
• Develop audit testing attributes, audit procedures, and scope audit activities to address key risks and control objectives.
• Oversee the preparation and perform the review of audit workpapers, narratives, and flowcharts, ensuring documentation is well-supported and includes an evaluation of operational efficiency, control effectiveness, and policy compliance.
• Prepare comprehensive audit reports and project updates, communicate results effectively in writing and verbally, and ensure clarity and context for diverse audiences, including senior management and external partners.
• Build and maintain trusted relationships with internal and external partners, including IT, Finance & Accounting, GRC, and external auditors, to coordinate SOX testing, remediation, and broader security initiatives.
• Lead or support special projects related to security initiatives, investigations, risk management, and process improvements.
• Identify and develop opportunities for AI, automation, or data analytics to enhance audit procedures and outcomes.
• Ensure accurate and current documentation in risk and control matrices, deficiency logs, and audit management systems.

Who You Are:

• 6+ years in internal audit or IT audit, with progressive leadership experience and deep knowledge of internal controls, information security, and SOX. Experience in life sciences industries preferred.
• Bachelor’s or Master’s degree in information systems, computer science, accounting, or related field required.
• Experience in Big 4 public accounting or large corporate internal audit environments preferred.
• At least one professional certification (CISA, CISSP, CIA, CPA, etc.).
• Proven experience executing audits under internal control frameworks, audit standards, and compliance frameworks (SOX, COSO, GAAP, IIA