Sr. Lead IT Auditor

Come Join an Inclusive Team

The Senior Lead IT Auditor is an expert-level professional in the Internal Audit team, responsible for evaluating the adequacy and effectiveness of IT internal controls and processes across the organization. This role leads the most complex and high-risk IT audit engagements from start to finish with minimal to no supervision, ensuring that all audit activities meet the highest quality standards (in accordance with the Global Internal Audit Standards along with the Information Systems Audit and Assurance Standards). 

The Senior Lead IT Auditor supports audit planning and risk assessment, identifying emerging IT risks, and recommending areas of focus for the annual audit plan. This individual also spearheads continuous improvement initiatives within the audit function to enhance efficiency and effectiveness of audit processes and tools. Successful candidates are highly self-sufficient and initiative-taking, capable of making independent decisions in the field, and serving as a subject matter expert in areas such as cybersecurity, IT infrastructure, and data analytics. The Senior Lead IT Auditor is a mentor and role model to less experienced auditors, guiding them in audit methodology and professional best practices.

While based in Houston, this role involves participating in audit assignments across our global company. Travel to domestic and international locations up to 20% per year. International trips typically last up to three weeks. This position may also require overtime at times.

A Day in the Life

• Lead Complex Audits: Plan, lead, and execute multiple high-risk IT audit engagements (e.g., cybersecurity assessments, infrastructure and cloud audits, ERP/application control reviews) from scoping to reporting. Ensure audit objectives are achieved, findings are properly documented, and recommendations are developed, all with no supervisory oversight needed.
• Audit Planning & Risk Assessment: Conduct thorough risk-based planning for each audit: define scope and objectives, identify key risks and controls, and design appropriate audit testing strategies. Contribute significantly to the annual IT audit risk assessment and audit plan development by pinpointing emerging risk areas and suggesting new audit topics.
• Team Coordination: Coordinate and optimize audit team resources (including staff auditors, co-sourced personnel, or guest auditors) to ensure efficient and timely completion of audit projects. Provide clear guidance and direction to team members and adjust work assignments to maximize team productivity and strengths.
• Stakeholder Communication: Serve as the primary liaison with IT and business stakeholders during audits. Effectively communicate audit plans, progress, and issues to auditees and management, ensuring a full understanding of data flows, security policies, procedures, and system controls. Maintain a professional relationship with auditees, addressing concerns and facilitating a cooperative audit environment while maintaining auditor independence.
• Workpaper Review & Reporting: Review audit workpapers prepared by the team to ensure they are thorough and comply with Internal Audit standards. Compile and deliver clear, concise audit reports and presentations that effectively communicate findings, implications, and recommendations to senior management and other stakeholders.
• Continuous Improvement: Lead initiatives for continuous improvement of the IT audit process. Identify opportunities to enhance audit methodologies, checklists, and use of technology (such as data analytics or automation) to increase efficiency and coverage. Champion the adoption of industry best practices and emerging audit techniques within the team.
• Best Practices & Innovation: Stay abreast of the latest developments in IT, cybersecurity, and auditing. Identify and promote best practices from both internal and external sources. Generate recommendations to reduce costs, increase efficiency, and improve effectiveness of controls and processes. Drive innovation in how audits are conducted, for example by introducing new tools or refining risk assessment approaches.
• Mentoring & Leadership: Function as a role model and mentor for junior and mid-level auditors. Provide on-the-job training, share knowledge of IT topics and audit techniques, and offer constructive feedback to help develop their skills. Foster a culture of learning and high performance, and coach team members on professional standards, business acumen, and effective audit practices.
• Cross-Functional Projects: Independently lead or participate in special projects and investigations, such as corporate fraud investigations, IT incident reviews, or advisory projects. Contribute IT control expertise to integrated audits and Sarbanes-Oxley (SOX) 404 compliance efforts. Ensure that these projects are executed with the same rigor and professionalism as standard audit engagements.
• Quality Assurance: Ensure all audit work is performed in accordance with IIA Standards and Internal Audit department policies. Uphold the highest quality and ethical standards in every engagement. Demonstrate ownership of audit results and proactively follow up on audit findings to ensure effective remediation by management.

You Bring This Value

• Bachelor’s degree in Information Systems, Computer Science, Accounting, Finance, or a related field required. An advanced degree (MBA, MS in IT/Accounting, or related discipline) is a plus.
• Typically 6–9 years of progressive experience in IT auditing, information security, or a related field. This should include a record of leading complex IT audit projects independently. Experience in a Big 4 accounting firm or large corporate internal audit department is preferred, demonstrating exposure to a variety of IT environments and best practices.
• Professional certifications are strongly preferred. Examples include CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CIA (Certified Internal Auditor), CPA, or equivalent credentials. A commitment to ongoing professional development (e.g., maintaining certifications, attending training) is expected.
• Strong knowledge of IT audit principles, cybersecurity, IT infrastructure, IT governance frameworks, and advanced experience with audit and data analytics tools.
• Excellent communication skills; initiative-taking, adaptable, and able to work independently.

What We Offer

Competencies