Key skills
AWSAzureCloudCyber SecurityGoogle Cloud PlatformPMPPythonSQLAnalyticsBIPower BIGCPGoogle CloudIAMProject ManagementCommunicationCloud Security
About this role
Role Overview
- Plan and execute complex, risk-based IT audits that strengthen our control environment, protect critical assets, and improve resilience.
- Lead audits across cybersecurity, technology infrastructure, network operations, and cloud environments, leveraging data analytics and automation to enhance coverage and insight.
- Operate within a global team where participation and value-add are key to the success of Corporate Audit Services and adherence to IIA Standards and internal methodology.
- Plan and develop audit scope, programs, and procedures using risk-based methodologies; apply control frameworks (NIST CSF, CSA Controls, Mitre Att&ck) and map tests to regulatory expectations.
- Manage projects (budget, timelines); review working papers for quality; coach and provide guidance to staff; ensure robust issue grading with clear root-cause analysis and risk articulation.
- Help lead or support audit team in kick-off and closing meetings, effectively communicate audit objectives, scope, findings, and recommendations to management.
- Work with business stakeholders on findings follow-ups to ensure implementation of recommendations.
- Prepare crisp, concise audit reports for review by Senior Managers, Directors, and Chief Auditor.
- Use data analytics (e.g., SQL, Python, Power BI) to test controls at scale and produce meaningful visuals to aid reports.
- Participate in the development and modifications of the audit practices and tools as well as department initiatives.
- Foster risk and control awareness across the organization by working with management and other line of defense functions.
Requirements
- Post secondary in Information Technology, Cybersecurity, Computer Science, or a related field is required
- Minimum 3 years of IT auditing experience, preferably within large public organizations or external audit firms.
- Recognized professional designations (e.g., CIA, CISA, CCSK, CCSP, CISSP, CISM, PMP).
- Cybersecurity skills and hands-on audit experience covering security operations, IAM/privileged access, cloud security (AWS/Azure/GCP), and infrastructure/network controls, is required.
- Working knowledge of control frameworks and regulatory expectations (e.g., NIST CSF, ISO 27001, CIS Controls, COBIT; OSFI, SOC 2).
- Experience using data analytics tools and scripting (e.g., SQL, Python, Power BI) to support audit analytics and automated testing.
- Strong project management skills and solutions-driven
- Versed in audit methodologies
- Excellent written and communication skills
- Experience using data analytics tools
- Prior insurance industry experience is an asset.
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
- PMP
- Python
- SQL
Benefits
- Flexible work arrangements and a hybrid work model
- Possibility to purchase up to 5 extra days off per year
- Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
- Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)