Director, Internal Audit (IT)

Job Summary

The Director of Global Internal Audit – IT & Information Security is responsible for leading the global Internal Audit function focused on Information Technology and Information Security. This role ensures the effectiveness of internal controls, risk management, and governance processes across the organization’s IT landscape. The position plays a critical role in safeguarding digital assets, ensuring regulatory compliance, and driving continuous improvement in audit practices. Reporting to senior leadership, this role will oversee audit strategy, execution, and team development across global operations.This position reports to the Senior Director of Internal Audit.

Job Responsibilities

• Develop and execute a global, risk-based IT audit strategy aligned with corporate objectives and regulatory requirements.
• Lead the planning and execution of audits related to IT infrastructure, cybersecurity, cloud services, data governance, and application controls.
• Oversee NI52-109/SOX ITGC (IT General Controls) planning, testing, and remediation efforts.
• Establish and maintain IT audit policies, procedures, and standards in accordance with the Institute of Internal Auditors (IIA) and ISACA frameworks.
• Collaborate with cross-functional teams to assess and improve IT risk management and control frameworks.
• Manage relationships with external auditors, co-sourcing partners, and internal stakeholders to ensure audit quality and alignment.
• Present audit findings, risk assessments, and recommendations to executive leadership and the Audit Committee.
• Lead and mentor a global team of IT audit professionals, fostering a culture of excellence and continuous learning.
• Monitor emerging technologies and regulatory changes to adapt audit practices accordingly.
• Support special projects and strategic initiatives related to IT governance and digital transformation.
• Support Enterprise Risk Management initiatives.
• Support Data Analytics withing reporting and risk management.

Job Requirements

• Education:
  • Bachelor’s degree in Information Systems, Computer Science, Engineering, Accounting, or a related field.
  • Certified Information Systems Auditor (CISA) certification is required.
  • Other certifications such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Internal Auditor (CIA), Certified in the Governance of Enterprise IT (CGEIT), or Certified Fraud Examiner (CFE) preferred.
  • Advanced degrees (e.g., MBA, MS in Information Assurance) preferred.
• Knowledge, Skills and Abilities:
  • Strong understanding of IT controls, security framerwoks, (eg NIST, ISO) and regulator requirements (eg 52-109/SOX, GDPR)
  • Proficiency with audit methodology and tools including AuditBoard
  • Excellent analytical, problem-solving and comunication skills
  • Ability to work independently and as part of a team.
• Experience:
  • 15 + years in IT audit, risk management or related field.
  • Proven experience in leading and managing audit teams.