Perform the day-to-day activities of IT audit engagements (SOC 1, SOC 2, HIPAA), and readiness assessments under the direction of a member of the management team.
Evaluate the design and effectiveness of technology controls.
Identifies and communicates IT audit findings to management.
Help identify performance improvement opportunities for assigned clients.
Communicate effectively with the clients and team members.
Lead client meetings and foster client relationships through proactive communication.
Provide weekly status reports to management.
Proactively communicate with management regarding any potential issues.

At least 1 year of experience performing IT audit engagements at a Big 4 or other audit/consulting firm.
Experience using GRC and compliance automation tools (Vanta, Drata, Secureframe) is a plus.
Basic knowledge of external audits and other skills that can be transferable.
Bachelor's degree in accounting, business, cybersecurity, or management information systems.
Candidates with an active or working towards CISA, CPA, CISSP, ISO27001 Lead Auditor, or PCI QSA certification.
Bilingual English required.

IT, GRC External Auditor, SOC 2

Key skills