IT AuditorJob Description, Salary, Career Path, and Trends
Information technology (IT) auditors are responsible for planning, coordinating, conducting, and reporting on IT audits of networks, applications, system development, and corporate systems and processes. They must collect and evaluate data about an organization’s systems, practices, and operations, as well as to conduct fieldwork, assess the effectiveness of results, and identify issues to find resolutions. IT auditors work in myriad industries, including health care, construction, finance, and technology.
Sample job description #1
This position will lead and participate in audits and consulting projects, under the oversight of the Chief Audit and Ethics Officer, with the objective of analyzing and assessing the District’s enterprise technology (ET) infrastructure and cybersecurity. Works both autonomously and with the internal audit team to execute risk-based internal audits utilizing agile auditing principles. Serves as the internal audit team’s subject matter expert (SME) in identifying ET and cybersecurity risks and recommendations for management to strengthen operations. Builds and maintains relationships within the internal audit team and other departments.
Education, training and experience
Bachelor’s Degree in Computer Science, Management Information Systems, or another Business-related field is required
4+ years of experience in ET related position required
2+ years in internal or external auditing preferred
Prior knowledge and experience in the following areas is preferred but not required
Applying IT and Cybersecurity control frameworks including CIS 18, NIST, COBIT, ISO 2700
System and software applications and related controls including Active Directory, SAP(ERP) roles, and profiles
Data analysis and visualization tools such as ACL, MS Office, MS Business Intelligence, SAP, SAC
Networking infrastructure and data center designing including Cloud
Industrial computer control systems and devices including IoT, Programmable Logic Controllers (PLC)
Agile project development and/or agile auditing principles
Institute of Internal Auditors (IIA) International Professional Practices Framework
Licenses and/or certifications
Certified Information Systems Auditor (CISA) or
Certified Information Security Manager (CISM or
Certified Information Systems Security Professional (CISSP) or
Acquire certification within 3 years of beginning employment
Essential duties & responsibilities
Plans, leads, and executes risk-based ET audits and consultation projects within a team based agile auditing approach using established internal and ET auditing standards
Participates as the ET SME on team based operational, compliance, and financial audits
Builds relationships with internal audit clients to ensure communication and delivery of value-added services
Ensures audit documents (narratives, process flows, risk assessments, programs, workpapers, etc.) and reports, with minimal revisions required, capture the procedures performed, support conclusions reached, identify internal controls and control weaknesses, and provide value-added recommendations
Delivers reports to communicate observations, issues, risks, and recommendations
Assists the Chief Audit and Ethics Officer with the internal audit department’s annual audit plan and ET risk assessment
Serves as a subject matter expert consulting management by providing direction and feedback outside of normal audit procedures
Conducts and/or provides assistance in investigations related to ethics, fraud, and/or other issues
Accountable for other duties as assigned
Employees & Teamwork/Diversity & Inclusion
Public Service/Environmental Stewardship
Sample job description #2
The IT Auditor works with internal audit, business and IT Management to plan and perform basic to complex internal and enterprise-wide IT, operational and regulatory audits. This responsibility includes performing internal audits of the development life cycle, cyber security procedures and third party risk management. Additional responsibilities of the IT Auditor include: Identifying control deficiencies, assessing exposure and significance, proposing cost effective recommendations, and preparing internal audit reports reflecting the results of the work performed. Our IT Auditor may also perform follow-up on the status of outstanding audit issues.
Conduct IT risk assessment by understanding business objectives, internal controls, enabling technology, and IT infrastructure
Perform audit work over various technologies utilized by the company and various IT functions. Assess both the design and operating effectiveness of internal controls
Prioritize and assist in scheduling audit tests to be performed, and interact with auditees to obtain the necessary information
Contribute to identification of department operational efficiencies and changes in auditing operations
Evaluate controls designed to prevent or detect fraud, including management override of controls
Prepare and present findings as needed
Communicate audit results and recommendations both orally and in writing to the management
Schedule and conduct presentations at meetings with auditees and management as needed
Participate in audit teams and department committees
Acquire additional knowledge of regulations and emerging technologies
All other duties as assigned
Bachelor’s degree preferred, high school diploma (or equivalent) in combination with significant experience will be considered in lieu of degree. Minimum of high school diploma or equivalent is required.
2+ years experience of experience in information systems auditing
Ability to travel
Excellent analytical skills
Ability to resolve problems and make decisions independently
Excellent verbal and written communications
Skilled in operating personal computer and various software packages (Microsoft Office, Outlook, Excel, etc.)
Experience with ACL, Power BI, or other data analytics software preferred
CRISC, CISA, CISSP, CRISC, CIA, CISM, CGEIT, or other relevant certification
Knowledge of FINRA, SEC, and compliance rules and regulations
Knowledge of cybersecurity and IT infrastructure
2+ years previous financial services industry or audit experience
Sample job description #3
ABC Company has an opportunity for a IT Auditor for one of our top clients. The successful candidate will be reviewing the audits that are sent over before they are delivered to the auditors. They will also be responding to the audit queries, trying to understand what they are asking for, and ensuring the audits are correct.
Here are the details:
Position: IT Auditor
Location: (City, State) (100% Remote)
Duration: 6 Months – C2H
Interacting with different folks to get artifacts and engage teams and stakeholders
Help ensure regulations for technologies
Control testing/framework (Version 4 or 5)
Working with Auditors
5-7 years of IT Auditor experience or some sort of expert knowledge around Auditing
2ND Line Tech/operation Risk roles
Strong technical background, supporting the regulations for technologies and understand the artifacts in which are being audited.
Should have exposure to the following technologies – ITIL, SQL, and Access Management
Must understand the SDLC process and have worked in that type of environment
Some sort of Audit certification ( Ex. CISA) OR CISSP ( Security Cert)
Nice to haves:
Capital Markets knowledge
Information Security experience
Average salary and compensation
The average salary for an IT auditor is $123,900 in the United States. Position salary will vary based on experience, education, company size, industry, and market.
Los Angeles, California
Minneapolis-St. Paul, Minnesota
New York City, New York
Sample interview questions
What is the primary objective of IT auditing?
Do you have any relevant certifications for this position?
As an IT auditor, what would you say the most important quality you have is?
What systems and applications would you audit in order to ensure the control and security of your company?
What is the objective of extranets and intranets?
If you discovered a breach in the system, how would you go about resolving it?
How do you ensure that your system remains secure?
We match top professionals with great employers across the country. Your next career move or star employee is just around the corner. Review our career content and advice, browse our latest job openings, or email us your resume. We look forward to connecting with you soon!