IT Sr Auditor

Job Type

IT Senior Auditor 

General Description

The Senior IT Auditor independently executes and leads complex, risk‑based IT audits across systems, applications, infrastructure, and cybersecurity domains within a regulated financial services environment. This role evaluates whether technology risks are appropriately identified and mitigated, controls are designed and operating effectively, and regulatory and internal requirements are met.

The Senior IT Auditor is expected to apply sound professional judgment, coach junior auditors, and serve as a trusted advisor to management while maintaining independence and objectivity.

Essential Duties and Responsibilities

Lead and execute risk‑based IT and Cyber audits covering:

1. IT General Controls (ITGCs)
2. Application controls
3. Cybersecurity and information security
4. Cloud computing environments
5. Emerging technologies and digital initiatives

• Perform and oversee process walkthroughs, control design assessments, and operating effectiveness testing.
• Identify and assess technology, cybersecurity, and operational risks, including regulatory and compliance impacts.
• Design and execute data analytics and automated audit procedures using audit tools and scripting techniques to identify anomalies or control failures.
• Prepare high‑quality audit documentation in accordance with Internal Audit standards and methodologies.
• Develop clear, well‑supported audit findings, including root cause analysis, risk impact, and practical remediation recommendations.
• Draft and review audit reports and communicate results effectively to audit management and stakeholders.
• Serve as a subject matter resource for IT and cybersecurity topics within the audit team.
• Provide informal leadership and coaching to staff auditors and, as needed, lead portions of audits or special reviews.
• Monitor industry trends, emerging risks, and regulatory developments affecting technology and cybersecurity.
• Support continuous improvement of the Internal Audit function, including methodology enhancements, analytics, and automation initiatives.

Education

Experience

3–6 years of experience in:

IT audit, internal audit, external audit, or technology risk; and/or

Relevant hands on IT, cybersecurity, or systems implementation roles.

Experience auditing or supporting financial institutions or other highly regulated environments strongly preferred.

Certifications / Licenses (Preferred)

Other Qualifications

Technical Knowledge & Expertise

• Strong understanding of IT control frameworks and audit concepts, including:
• IT General Controls (access, change management, IT operations)
• Application and interface controls
• Solid knowledge of cybersecurity and information security practices, including:
• Identity and access management
• Vulnerability and patch management
• Incident response and monitoring
• Familiarity with industry standards and regulatory guidance such as:
• COBIT, NIST, ISO 27001, FFIEC, SOC 1 / SOC 2
• Experience with modern technology environments, including:
• Windows, Active Directory, Microsoft 365
• Databases and SQL querying
• Cloud platforms (e.g., Azure, AWS, or GCP) – hands‑on or audit experience preferred
• Proficiency in data analytics and audit tools (e.g., ACL, Arbutus, Power BI, Python, or similar).
• Advanced proficiency in Microsoft Excel, Word, and PowerPoint.

Professional Skills & Attributes

Professional Skills & Attributes

• Strong analytical, critical thinking, and problem‑solving skills.
• Excellent written and verbal communication skills, with the ability to convey technical concepts to non‑technical audiences.
• Demonstrated ability to work independently, manage multiple priorities, and meet deadlines.
• Proven interpersonal and relationship‑building skills with auditees and stakeholders.
• Ability to operate effectively in a fast‑paced, regulated environment.
• Bilingual (English / Spanish) communication skills preferred.
• Willingness to travel as required.

Leadership Expectations

• Acts as a role model for audit professionalism, ethics, and quality.
• Provides guidance and coaching to staff auditors.
• May lead audit segments or special projects and coordinate work of others when needed.

Region Locations

Hato Rey, SJ 

Popular Center 

Values