IT Audit Manager

Westchester, NY




  • Run and implement the yearly risk-based audit plan under the direction of Internal Audit management, autonomously, execute application, infrastructure and IT process audits.
  • Execute audits consistent with IIA standards and department policies. Manage timely completion of audit including communication of status to auditee and Director.
  • Identify and document IT security, operational and process issues, internal control deficiencies, risks and opportunities for improvement.
  • Assist in the review of processes and controls as defined in the Sarbanes-Oxley Act of 2002 including review of SOC1 reports and IT key controls.
  • Present the results of audit work to Internal Audit Management and auditees, including practical recommendations to address identified risks and/or weaknesses in internal controls as well as opportunities to enhance operational efficiencies.
  • Prepare and maintain audit documentation in accordance with industry highest quality standards and internal approved guidelines.
  • Collaborate with IT department personnel, senior management, external auditors and consultants.
  • Manage 3rd party SMEs conducting technical reviews/audits on behalf of Internal Audit.
  • Supervise IT audit staff to deliver on assigned audit by providing required coaching and reviewing work papers.
  • Lead data analytics efforts using Excel, ACL and other analytics software.
  • Develop a strong working relationship with internal stakeholders and management.
  • Collaborate with other auditors and functions to perform ad-hoc projects or investigations.
  • Contribute towards the annual risk assessment for next year’s annual audit plan.
  • Continuously improve and the audit department through goals and initiatives.





  • Bachelor’s degree (Computer Science or related area)
  • At least 4 years Information Technology and/or IT audit experience.
  • Experience auditing and assessing infrastructure, cybersecurity risks/controls and auditing operating systems.
  • Big 4 audit and/or pharmaceutical industry experience is preferred.
  • CISA and/or CISSP
  • Advanced knowledge of infrastructure and IT processes and controls (e.g., change management, backup and recovery, user access/security administration) is required
  • Computer proficiency: Word, Excel and PowerPoint are required. Experience with analytical tools (Alteryx, ACL or similar), Oracle financial applications, auditing software is a plus.
  • Excellent project management skills



Note: Qualified candidates will be contacted within 2 business days of application. If an applicant does not meet the above criteria, we will keep your resume on file for future opportunities and may contact you for further discussion.


Date Posted 2/19/2020
Salary $140,000- $150,000 + bonus + stock

(2MB Max; allowed file formats: doc, docx, pdf, pptx, txt)

characters left