Senior IT Auditor

Role Overview

• Perform IT audit and cybersecurity-focused consulting engagements, evaluating application, infrastructure, and cloud environments following established audit methodology and within budgeted timeframes.
• Execute IT audit procedures, including planning, walkthroughs, control testing, data analysis, and documentation of results in complex environments requiring significant technical judgment.
• Apply professional IT audit concepts, cybersecurity frameworks (e.g., NIST CSF), and established technologies while consistently using standard audit techniques such as control testing, data analysis, and risk assessment.
• Review, analyze, and interpret IT, security, and operational data to identify control gaps, technology risks, and vulnerabilities within Humana's governance, risk, and control environment with a primary focus on cybersecurity and technology operations.
• Audit and evaluate cybersecurity controls across a large and intricate technology landscape, spanning cloud platforms, identity and access management systems, distributed infrastructure, network architectures, and enterprise applications.
• Assess emerging risks, including those related to AI/ML technologies, cloud transformation, identity modernization, data governance, and evolving threat vectors.
• Identify control weaknesses, cybersecurity vulnerabilities, misconfigurations, and root causes, and prepare clear, actionable draft audit issues that reflect impact, likelihood, and risk alignment.
• Ensure risks are mitigated by recommending security-focused improvements.
• Clearly and concisely communicate the results of IT audit and cybersecurity engagements through written reports and presentations to management, translating technical risks into business relevant impact.
• Prepare and communicate clear, concise, and risk-focused audit reports and recommendations for management, translating deep technical issues into business relevant insights.
• Leverage AI and automation tools to improve audit risk assessment, testing and document process improvements for department-wide adoption.

Requirements

• Bachelor's degree in computer science, Information Systems, or related field.
• At least 3 years of IT risk audit or consulting experience, or IT experience focusing on systems operations, software development, cybersecurity, cloud, AI, or infrastructure.
• Certification relative to IT audit such as CISA, CISM, or CISSP are preferred.
• A certification is required for promotion to leadership.
• IT risk or assurance audit experience required.
• Foundational knowledge of AI concepts, risks, and controls, including understanding how AI/ML models impact data integrity, security, and governance.
• Ability to evaluate AI-enabled systems, including assessing algorithmic transparency, data quality, model monitoring, and emerging AI cybersecurity risks enabled systems, including assessing algorithmic transparency, data quality, model monitoring, and emerging AI cybersecurity risks.
• Successful track record in facilitating and consulting across teams and managing projects.
• Excellent organizational skills and attention to detail.
• Must be team-oriented and maintain an optimistic, collaborative attitude.
• Must demonstrate the ability to manage multiple or competing priorities effectively.
• Must exhibit excellent communication skills, both oral and written.
• The candidate must possess strong implementation and execution capabilities, along with well-developed critical thinking skills.
• The candidate must have an aptitude for building effective working relationships with associates across the department and the broader business.
• Must be passionate about contributing to an organization focused on continuously improving consumer experiences.

Tech Stack

• Cloud
• Cyber Security

Benefits

• medical, dental and vision benefits
• 401(k) retirement savings plan
• time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave)
• short-term and long-term disability
• life insurance