Technology Audit Lead

Job Overview

We are seeking a highly motivated and detail-oriented Technology Audit Lead to join our Internal Audit team. This role is ideal for someone with strong experience in auditing frameworks such as NIST, SOC 1 & SOC 2, and COBIT, and who possesses a deep understanding of technology controls. The successful candidate will assess the design and effectiveness of technology controls across various systems and processes, providing assurance to senior leadership on the organizations IT audit and risk posture.

Key Responsibilities

• Plan, execute, and report on technology audits covering infrastructure, applications, cybersecurity, and cloud environments.
• Assess IT control frameworks including but not limited to NIST 800-53/800-171, SOC 1/SOC 2, ISO 27001 and COBIT 2019.
• Evaluate the design and operating effectiveness of controls over areas such as access management, change management, data protection, and business continuity.
• Collaborate with cross-functional teams including IT, cybersecurity, risk management, and compliance.
• Develop audit procedures and programs that align with industry standards and internal risk assessments.
• Prepare detailed audit reports and communicate findings and recommendations to management and stakeholders.
• Track remediation of audit issues and validate closure of management actions.
• Provide advisory support on control implications of emerging technologies and IT projects.
• Develop a strong understanding on regulatory requirements and industry best practices related to IT governance, risk, and compliance.

Qualifications

• Bachelors degree in Information Technology, Information Systems, Computer Science, or related field.
• Minimum of 7+years of experience in IT audit, technology risk, or IT compliance roles.
• Proven experience with NIST, SOC 1/SOC 2, and COBIT audit frameworks.
• Strong knowledge of technology controls, including logical access, change management, security configurations, and incident management.
• Professional certifications such as CISA, CISSP, CRISC, or CIA are highly desirable.
• Familiarity with cloud technologies (AWS, Azure) and associated control frameworks.
• Strong analytical, communication, and report-writing skills.
• Ability to work independently and as part of a team in a dynamic, fast-paced environment.

Preferred Skills

• Experience with automated audit tools, data analytics, or GRC platforms.
• Understanding of regulatory environments (e.g., SOX, GDPR, ISO 27001).
• Knowledge of DevOps, ITIL, or Agile methodologies.