Lead Senior / Manager, Technology Risk & IT Audit

We are conducting a confidential search for a large, publicly traded global technology company seeking a Lead / Manager, IT Audit & Technology Risk.

This is a high-visibility opportunity to help build and mature the IT audit and technology risk function during a major period of enterprise technology modernization. The company is scaling across advanced technology, automation, AI infrastructure, and next-generation device markets, and is investing heavily in systems, cybersecurity, data protection, and governance.

The right candidate will bring a practical mix of ITGCs, SOX, application controls, ERP / systems implementation risk, cybersecurity process audits, and stakeholder-facing technology risk work.

The company is open on level. Candidates with strong relevant experience will be considered, and the company is also open to more experienced Lead, Manager, or Senior Manager-level candidates who can bring deeper ownership and help build the function over time.

What You’ll Work On (gradually, role will evolve as ramp up progresses)

• ITGCs, SOX 404, application controls, and technology-dependent controls
• Major cloud ERP / enterprise system transformation work
• Cybersecurity process audits, including access, encryption, backup/recovery, SIEM, DLP, endpoint protection, firewall governance, and incident response
• CRM / enterprise platform access and data protection reviews
• AI governance, AI access controls, and emerging technology risk
• SDLC, change management, system implementation controls, and audit readiness
• Audit program development, risk assessment, documentation, and reporting
• Coordination with IT, Finance, Internal Audit, Cybersecurity, GRC, external audit, and outside advisory firms

Qualifications

• Relevant experience in IT audit, technology risk, IT controls, SOX ITGC, cyber risk, ERP controls, or related fields
• Big 4 / advisory, corporate IT audit, cyber GRC, or ERP controls background
• Strong ITGC / SOX foundation
• Experience with major system implementations, ERP upgrades, cloud migrations, or enterprise applications
• Ability to audit cybersecurity processes without needing to be a hands-on security engineer
• Strong communication, documentation, and project management skills
• CISA, CIA, CISM, CISSP, CRISC, CPA, or similar certification preferred

Helpful systems/tools exposure may include: Oracle, SAP, Workday, NetSuite, Microsoft Dynamics, Salesforce, Workiva, AuditBoard, ServiceNow GRC, Archer, SIEM, DLP, IAM, endpoint protection, or related platforms.

The position will start as an individual contributor (with 3rd party support as needed) and will grow over time to add direct reports. Part of a broader 8 person team, with broader business partner framework.

Compensation / Level

Expected base salary range: depending on experience and level, plus annual bonus and strong benefits. Level and internal grade, tbd.