IT Security Internal Audit Senior Manager

We’re looking for an IT and Security risk professional with deep experience in internal audit, controls design and testing who approaches the work as a trusted advisor and problem solver—not a checkbox-driven compliance auditor. You understand IT operations, security architecture, IT General Controls at a public-company level, but you focus on what actually works in practice and keeps business moving at speed.

This role is ideal for someone who knows how internal audit should function, but prefers partnering with the business, engineering, and security teams to strengthen controls, manage risk, and enable smart growth—without slowing teams down.

You’ll start as an individual contributor with significant autonomy, influencing across technology and security organizations to help design and test a control environment that scales, stands up to scrutiny, and supports rapid execution.

RESPONSIBILITIES

• Partner with technology, security, and application owners to design, document, and test practical internal controls over IT and Security, including ITGCs and application controls
• Lead public-company–level IT and security control assessments and testing, with a strong focus on risk relevance and control effectiveness
• Identify control gaps and emerging risks, and collaborate with stakeholders on clear, actionable remediation strategies
• Execute walkthroughs, testing, and audit documentation end-to-end with clarity, efficiency, and judgment
• Document and communicate findings, root causes, and recommendations in plain, business-friendly language
• Apply data analytics and AI-enabled techniques to enhance audit and controls testing coverage
• Build trust across teams by acting as a thoughtful advisor and partner, not a compliance cop
• Present results, insights, and progress updates to senior management and leadership
• Support the development of a modern, risk-focused audit strategy covering engineering, product development, cybersecurity and Corp IT
• Ensure audit work products meet quality standards aligned with professional and regulatory expectations—without unnecessary bureaucracy
• Collaborate closely with engineering, security, and compliance teams to deliver cohesive and non-duplicative coverage of technology risks

QUALIFICATIONS 

• 10+ years of experience in internal audit, IT controls, security assurance, or related roles (public accounting a plus)
• Bachelor’s degree in Accounting, MIS, Business, or a related field
• CISA, CIA, CPA, CISSP, or similar certification preferred
• Strong understanding of SOX, PCAOB/SEC guidance, COSO, and AS5—applied with judgment
• Experience working in or supporting a public company environment
• High integrity, accountability, and—yes—a sense of humor

YOU ARE

• Strong hands-on experience with IT and security internal auditing, controls testing, and risk assessment
• A pragmatic, business-first mindset with strong analytical and problem-solving skills
• Comfort operating in ambiguous environments and balancing multiple priorities
• Clear, confident communicator who can influence without relying on authority
• Ownership mentality with a willingness to roll up sleev