Senior Manager Internal Audit - IT

The Senior Manager Internal Audit - IT is a strategic transformation leader responsible for the organization’s technology risk landscape. This role goes beyond traditional oversight; you will act as a technologist within the audit function, leveraging AI and data science to automate control environments while ensuring the digital backbone of our global operations—including Manufacturing and M&A integrations—remains secure, compliant, and efficient.

Individual contributor with significant leadership and cross-functional influence

Responsibilities: 

Innovation, AI & Audit Transformation

• AI-Enabled Control Testing: Architect and implement AI/Machine Learning models to transition from manual sample-based testing to 100% population testing.
• Annual SOX Audit: Lead SOX IT control design and operating effectiveness including identification of gaps, operating deficiencies, remediation plan and partnership with process owners to optimize control environment 
• Audit Workflow Automation: Leverage Generative AI and Robotic Process Automation (RPA) to automate the documentation of walkthroughs, drafting of audit reports, and the mapping of controls to regulatory frameworks.
• Continuous Control Monitoring (CCM): Partner with IT to build real-time dashboards that monitor key risk indicators (KRIs), moving the department toward a "continuous audit" model.
• Predictive Risk Insights: Use data signals to identify emerging risks in the Quote-to-Cash and Manufacturing cycles before they manifest as material weaknesses.
• Lead the development of automated risk-sensing capabilities and Key Risk Indicators (KRIs) within the ERM framework, leveraging data analytics to provide real-time assurance over tech-stack dependencies and third-party vendor ecosystems

Business Process & Systems Excellence

• Automated Control Testing: Review the automated controls within core value streams such as Quote-to-Cash (Q2C) and Procure-to-Pay (P2P) to ensure data integrity and system reliability.
• Annual SOX Audit: Lead SOX control design and operating effectiveness including ITGC’s,  identification of gaps, operating deficiencies, remediation plan and partnership with process owners to optimize control environment
• SDLC & Implementation: Perform pre- and post-implementation reviews for major system upgrades or ERP deployments to prevent "go-live" control failures.

Business Combinations & M&A Integration

• IT Due Diligence: Lead IT-focused risk assessments for business combinations, evaluating the target company’s security posture and control maturity.
• Post-Merger Integration (PMI): Direct the integration of acquired entities into the corporate Internal Control Framework (COSO), managing the risks associated with data migration and system cutovers.

SOX & Regulatory Compliance (GovCon Focus)

• ITGC Ownership: Lead the testing of IT General Controls (ITGC) and IT Application Controls (ITAC) for SOX 404 compliance.
• Regulatory Standards: Ensure IT systems meet stringent government contracting standards, including NIST 800-171, CMMC, and FAR/DFARS requirements.