Position: IT Internal Audit Advisor
Location: Hybrid (Reston, VA or Washington, DC)
Work Requirement: Must be able to work 3+ days a week at the assigned office
Compensation: $138,000 $180,000 / year
Additional Compensation: 20% Long Term Incentive Cash Bonus

Job Description

Our team of trusted audit professionals evaluates every aspect of client IT environment. From on-premises environments to cutting-edge cloud services, our audits cover a broad range of exciting technologies, providing a challenging environment with tremendous opportunities for personal growth.

Within IT Audit, the IT Audit Issue Follow-up team focuses on validating the remediation of significant IT-related issues stemming from regulators, management self-identified issues, and audit-identified issues. In this highly visible position, you will oversee and lead planning, executing, and reporting the results of IT-related issue validation while monitoring the overall IT risk environment. As an Advisor and valued contributor on the Audit Issue Follow-up Team, you will play a pivotal role in coaching and mentoring other team members.

The Impact You Will Make

The IT Internal Audit Advisor role offers flexibility to make each day your own while helping to improve the governance, risk, and control environment of client. You will act as a key driver of change within Internal Audit and across the organization.

Key Responsibilities:

• Apply specialized technical expertise to opine on issue validation in complex areas such as cybersecurity, resiliency, and infrastructure environments (cloud and on-premises).
• Work with management across the issue management life cycle, providing proactive feedback on remediation progress and potential gaps.
• Use a risk-based approach to develop and adjust follow-up plans and determine areas requiring additional analysis.
• Provide day-to-day project management oversight of other IT Auditors, including guidance and coaching.
• Conduct first-level review of work and documentation; communicate project objectives and motivate team members.
• Conduct testing of highly complex technical topics with autonomy and focus on high-risk areas.
• Act as a source of knowledge in technical domains and coach junior staff.
• Assist in creating points of view on issue remediation trends by compiling and analyzing data.
• Build and maintain relationships with business partners, providing advice and sharing Internal Audit knowledge.
• Ideate innovative ways to use data analytics for testing and execute associated data analytics and visualizations.

Minimum Required Experience

• 6 years of experience in IT Audit, IT Risk Management, or Information Security
• Excellent understanding of cloud technologies (e.g., Amazon Web Services)
• Exposure to cybersecurity
• Strong project management skills
• Prior experience leading IT audits and coaching audit staff
• Excellent written and verbal communication skills
• Critical thinking skills
• Strong data analytics skills and knowledge of tools/languages (Tableau, Python, Power BI, R)

Desired Experience

• 10+ years of experience in IT Audit, IT Risk Management, or Information Security
• At least 5+ years of experience in IT Audit
• Bachelor's degree or equivalent experience
• Master's degree and/or MBA in Computer Science, Information Systems, Cybersecurity, Mathematics, or a related area preferred
• One or more of the following certifications: CISA, CISSP, CEH, CRISC, CISM

Required Skills

• IT Audit, IT Risk Management, or Information Security (6+ years)
• Excellent understanding of AWS
• Exposure to cybersecurity
• Strong project management and leadership skills
• Excellent communication and critical thinking
• Data analytics proficiency (Tableau, Python, Power BI, R)

Preferred/Nice-to-Have Skills

• 10+ years of IT Audit or IT Risk Management experience
• Advanced degree (Master's/MBA preferred)
• Professional certifications (CISA, CISSP, CEH, CRISC, CISM)

Experience & Education Requirements

• Years of Experience: Minimum 6 years (10+ preferred)
• Industry Experience: Large organizations (industry flexible)
• Education: Bachelor's degree required; Master's preferred

Additional Information

What We're Looking For:

• Core Audit Experience: Candidates must have hands-on, risk-based audit experience and the ability to design and execute control testing scripts independently.
• Red Flags: Avoid candidates whose experience is primarily in compliance, vendor assessments, or audit readiness.
• Audit Issue Follow-Up: Experience in risk-based audits and/or audit issue follow-up within large, complex organizations is preferred.
• Preferred Backgrounds:
  • Internal auditors from large tech, financial services, or healthcare organizations
  • External auditors from Big 4 firms (complex engagements preferred)
• Avoid candidates from small audit shops or compliance-only backgrounds.
• Seniority: Looking for experienced professionals-not entry-level candidates or those plateaued at senior levels.