IT Audit / Risk Control
Description:
*** no visa sponsorship, no candidates with temporary work authorizations, no recent college graduates For immediate consideration, please connect with me on LinkedIn at and then email your resume, work authorization status, current location, availability, and compensation expectations directly to - make sure to include the exact job title and job location in your email message.
IT Audit & Assurance : - Conduct risk-based audits over IT infrastructure, cybersecurity, application controls, and third-party services.
- Evaluate the design and effectiveness of IT General Controls (ITGCs), including access management, change management, and backup/recovery processes.
- Develop and execute audit programs aligned with NIST, FFIEC, ISO 27001, SOX, and COSO frameworks.
Risk Governance : - Establish and manage risk governance frameworks to monitor emerging technology risks.
- Lead risk and control self-assessments (RCSAs) across technology and business units.
- Interface with board-level committees and executive leadership on key risk indicators (KRIs) and risk appetite reporting.
Enterprise Risk Management (ERM) Audits : - Perform ERM audits evaluating strategic, operational, regulatory, and reputational risks.
- Support enterprise-level risk assessments and annual audit planning.
- Recommend actionable enhancements to enterprise-wide risk policies, risk taxonomy, and reporting standards.
Internal Controls & Compliance : - Design, test, and validate internal controls over financial reporting (SOX 404 compliance). - Review policy and procedure documentation to ensure alignment with corporate governance standards.
- Lead remediation efforts for control deficiencies and audit findings.
Third-Party Risk Management : - Assess third-party vendors’ security controls, compliance standards, and operational resilience.
- Conduct due diligence reviews - KY3P, Archer GRC, ServiceNow GRC For immediate consideration, please connect with me on LinkedIn at and then email your resume, work authorization status, current location, availability, and compensation expectations directly to - make sure to include the exact job title and job location in your email message.
#M1 #LI-DP1 . Ref: #404-IT Pittsburgh
Full Time