Support and enhance the organization’s technology risk management, audit coordination, and IT control framework
Coordinate audit preparation activities—including scheduling, evidence collection, and stakeholder communication—for internal audits and regulatory examinations
Serve as the primary liaison between Internal Audit, IT, and Compliance teams
Oversee and track remediation activities; validate completion and effectiveness of corrective actions for technology-related audit findings
Conduct comprehensive Technology Risk Assessments, identifying inherent and residual risks across infrastructure, applications, security, and cloud environments
Evaluate the design and operating effectiveness of technology controls
Perform independent control testing to verify compliance with policies, standards, and regulatory requirements
Advise IT leadership on control gaps, deficiencies, risks, and recommended remediation strategies
Provide risk insights for new initiatives, technology implementations, cloud migrations, and major IT projects
Support enhancements to the IT risk management framework, control library, and GRC tooling
Monitor emerging technology risks and collaborate with stakeholders to develop mitigating controls
Contribute to the development and maintenance of IT policies, standards, and procedures

Requirements

Bachelor’s degree in information technology, Cybersecurity, Risk Management, or related field (or equivalent experience)
5-10+ years of experience in IT risk, audit, information security, or technology governance
Strong knowledge of IT controls frameworks (e.g., COBIT, NIST, ISO 27001) and regulatory requirements (SOX, FFIEC, SOC, etc.)
Experience working with audit functions and responding to regulatory reviews
Ability to analyze control gaps and articulate risks clearly to technical and non-technical stakeholders
Professional certifications such as CISA, CRISC, CISSP, CIA, or similar (preferred)
Experience with GRC platforms (e.g., Archer, ServiceNow GRC, MetricStream) (preferred)
Familiarity with cloud technologies (AWS, Azure, GCP) and related risk assessments (preferred)
Prior first line Technology experience (preferred)

Benefits

Medical, Dental, and Vision (plus much more)
401(k) Plan with Company Match
Short- & Long-Term Disability
Wellness Programs
Group Life and AD&D Insurance
Paid Vacation, Sick Days and bank Holidays
Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

IT risk managementaudit coordinationtechnology risk assessmentscontrol testingIT controls frameworkscloud risk assessmentsremediation strategiescompliance verificationrisk analysistechnology governance

Soft Skills

stakeholder communicationanalytical skillsarticulation of riskscollaborationadvisory skills

Certifications

CISACRISCCISSPCIA