IT AuditorJob Description, Salary, Career Path, and Trends

Information technology (IT) auditors are responsible for planning, coordinating, conducting, and reporting on IT audits of networks, applications, system development, and corporate systems and processes. They must collect and evaluate data about an organization’s systems, practices, and operations, as well as to conduct fieldwork, assess the effectiveness of results, and identify issues to find resolutions. IT auditors work in myriad industries, including health care, construction, finance, and technology. 

Sample job description #1

Position summary

This position will lead and participate in audits and consulting projects, under the oversight of the Chief Audit and Ethics Officer, with the objective of analyzing and assessing the District’s enterprise technology (ET) infrastructure and cybersecurity. Works both autonomously and with the internal audit team to execute risk-based internal audits utilizing agile auditing principles. Serves as the internal audit team’s subject matter expert (SME) in identifying ET and cybersecurity risks and recommendations for management to strengthen operations. Builds and maintains relationships within the internal audit team and other departments.

Education, training and experience

  • Bachelor’s Degree in Computer Science, Management Information Systems, or another Business-related field is required
  • 4+ years of experience in ET related position required
  • 2+ years in internal or external auditing preferred
  • Prior knowledge and experience in the following areas is preferred but not required
  • Applying IT and Cybersecurity control frameworks including CIS 18, NIST, COBIT, ISO 2700
  • System and software applications and related controls including Active Directory, SAP(ERP) roles, and profiles
  • Data analysis and visualization tools such as ACL, MS Office, MS Business Intelligence, SAP, SAC
  • Networking infrastructure and data center designing including Cloud
  • Industrial computer control systems and devices including IoT, Programmable Logic Controllers (PLC)
  • Agile project development and/or agile auditing principles
  • Institute of Internal Auditors (IIA) International Professional Practices Framework

Licenses and/or certifications

  • Certified Information Systems Auditor (CISA) or
  • Certified Information Security Manager (CISM or
  • Certified Information Systems Security Professional (CISSP) or
  • Acquire certification within 3 years of beginning employment

Essential duties & responsibilities

  • Plans, leads, and executes risk-based ET audits and consultation projects within a team based agile auditing approach using established internal and ET auditing standards
  • Participates as the ET SME on team based operational, compliance, and financial audits
  • Builds relationships with internal audit clients to ensure communication and delivery of value-added services
  • Ensures audit documents (narratives, process flows, risk assessments, programs, workpapers, etc.) and reports, with minimal revisions required, capture the procedures performed, support conclusions reached, identify internal controls and control weaknesses, and provide value-added recommendations
  • Delivers reports to communicate observations, issues, risks, and recommendations
  • Assists the Chief Audit and Ethics Officer with the internal audit department’s annual audit plan and ET risk assessment
  • Serves as a subject matter expert consulting management by providing direction and feedback outside of normal audit procedures
  • Conducts and/or provides assistance in investigations related to ethics, fraud, and/or other issues
  • Accountable for other duties as assigned

Core competencies

  • Customer Focus
  • Employees & Teamwork/Diversity & Inclusion
  • Integrity/Excellence
  • Public Service/Environmental Stewardship
  • Safety

Sample job description #2


The IT Auditor works with internal audit, business and IT Management to plan and perform basic to complex internal and enterprise-wide IT, operational and regulatory audits. This responsibility includes performing internal audits of the development life cycle, cyber security procedures and third party risk management. Additional responsibilities of the IT Auditor include: Identifying control deficiencies, assessing exposure and significance, proposing cost effective recommendations, and preparing internal audit reports reflecting the results of the work performed. Our IT Auditor may also perform follow-up on the status of outstanding audit issues.


  • Conduct IT risk assessment by understanding business objectives, internal controls, enabling technology, and IT infrastructure
  • Perform audit work over various technologies utilized by the company and various IT functions. Assess both the design and operating effectiveness of internal controls
  • Prioritize and assist in scheduling audit tests to be performed, and interact with auditees to obtain the necessary information
  • Contribute to identification of department operational efficiencies and changes in auditing operations
  • Evaluate controls designed to prevent or detect fraud, including management override of controls
  • Prepare and present findings as needed
  • Communicate audit results and recommendations both orally and in writing to the management
  • Schedule and conduct presentations at meetings with auditees and management as needed
  • Participate in audit teams and department committees
  • Acquire additional knowledge of regulations and emerging technologies
  • All other duties as assigned

Education requirements

  • Bachelor’s degree preferred, high school diploma (or equivalent) in combination with significant experience will be considered in lieu of degree. Minimum of high school diploma or equivalent is required.

Basic requirements

  • 2+ years experience of experience in information systems auditing
  • Ability to travel
  • Excellent analytical skills
  • Ability to resolve problems and make decisions independently
  • Excellent verbal and written communications
  • Skilled in operating personal computer and various software packages (Microsoft Office, Outlook, Excel, etc.)
  • Experience with ACL, Power BI, or other data analytics software preferred

Preferred requirements

  • CRISC, CISA, CISSP, CRISC, CIA, CISM, CGEIT, or other relevant certification
  • Knowledge of FINRA, SEC, and compliance rules and regulations
  • Knowledge of cybersecurity and IT infrastructure
  • 2+ years previous financial services industry or audit experience

Sample job description #3

ABC Company has an opportunity for a IT Auditor for one of our top clients. The successful candidate will be reviewing the audits that are sent over before they are delivered to the auditors. They will also be responding to the audit queries, trying to understand what they are asking for, and ensuring the audits are correct.

Here are the details:

  • Position: IT Auditor
  • Location: (City, State) (100% Remote)
  • Rate: Negotiable
  • Duration: 6 Months – C2H


  • Interacting with different folks to get artifacts and engage teams and stakeholders
  • Help ensure regulations for technologies
  • Control testing/framework (Version 4 or 5)
  • Working with Auditors

Must haves:

  • 5-7 years of IT Auditor experience or some sort of expert knowledge around Auditing
  • IT Auditor
  • 2ND Line Tech/operation Risk roles
  • Strong technical background, supporting the regulations for technologies and understand the artifacts in which are being audited.
  • Should have exposure to the following technologies – ITIL, SQL, and Access Management
  • Must understand the SDLC process and have worked in that type of environment
  • Some sort of Audit certification ( Ex. CISA) OR CISSP ( Security Cert)

Nice to haves:

  • Capital Markets knowledge
  • Information Security experience

Average salary and compensation

The average salary for an IT auditor is $123,900 in the United States. Position salary will vary based on experience, education, company size, industry, and market.

LocationSalary LowSalary High
Phoenix, Arizona$123,200$166,700
Los Angeles, California$139,000$188,100
Denver, Colorado$115,850$156,750
Washington, DC$141,100$190,950
Miami, Florida$115,300$156,000
Orlando, Florida$106,350$143,900
Tampa, Florida$107,400$145,350
Atlanta, Georgia$112,700$152,450
Chicago, Illinois$129,550$175,250
Boston, Massachusetts$140,050$189,500
Minneapolis-St. Paul, Minnesota$111,650$151,050
New York City, New York$147,450$199,500
Philadelphia, Pennsylvania$120,050$162,450
Dallas, Texas$116,900$158,150
Houston, Texas$115,850$156,750
Seattle, Washington$134,800$182,400
National Average$105,300$142,500

Sample interview questions

  • What is the primary objective of IT auditing?
  • Do you have any relevant certifications for this position?
  • As an IT auditor, what would you say the most important quality you have is?
  • What systems and applications would you audit in order to ensure the control and security of your company?
  • What is the objective of extranets and intranets?
  • If you discovered a breach in the system, how would you go about resolving it?
  • How do you ensure that your system remains secure?

IT Auditor Jobs in Ashburn

    Loading RSS Feed

Need help hiring an IT Auditor?

We match top professionals with great employers across the country. Your next career move or star employee is just around the corner. Review our career content and advice, browse our latest job openings, or email us your resume. We look forward to connecting with you soon!

Browse A-Z Job Descriptions