Associate Director, Global Technology Internal Audit
BioSpace · North Chicago, IL · 3 wk ago
Business DevelopmentFull-time
Responsibilities
- Lead, manage, and develop a team of approximately seven technology auditors, including setting performance expectations, providing ongoing coaching and feedback, conducting performance reviews, and supporting career development and progression.
- Provide seniorlevel oversight and technical judgment for global technology audit engagements, including cybersecurity, infrastructure, cloud platforms, data and analytics environments, identity and access management, and emerging technologies.
- Review and challenge technology risk assessments, audit scope, and conclusions to ensure appropriate focus on control design, sustainability, and risk impact, not solely operating effectiveness.
- Serve as a primary escalation point for complex or judgmentintensive technology risk issues, supporting Directors in determining appropriate risk ratings, issue framing, and management messaging.
- Ensure consistency and quality in how technology risks are identified, assessed, and reported across audits, particularly in highrisk or externally exposed environments.
- Coach and develop Lead and Senior auditors to strengthen riskbased thinking, technical judgment, and the ability to articulate technology risk in clear business terms.
- Contribute to the development, maintenance, and continuous improvement of technology audit methodologies, guidance, and playbooks, with particular focus on cybersecurity and datarelated risk areas.
- Identify emerging technology and cyber risk trends and advise Internal Audit leadership on implications for audit coverage, skills, and resource needs.
- Support integration of technology audit activities with financial and compliance audits, as appropriate, to enhance efficiency and risk coverage.
- Collaborate with Directors to support external audit coordination, cosourcing activities, and talent sourcing strategies to ensure the technology audit team maintains the skills required to address evolving risks.
Qualifications
- Bachelors degree in Information Technology, Computer Science, Engineering, Business, Accounting, or a related field from an accredited four-year college or university. An advanced degree is desirable.
- 8+ years of relevant experience in technology audit, technology risk management, cybersecurity, cloud architecture, data platforms, or related areas, gained through internal audit, consulting, or industry roles.
- Demonstrated peoplemanagement experience, including coaching, performance management, and development of professional staff.
- Strong ability to assess technology and cyber risks using judgmentbased, riskfocused approaches rather than checklistdriven testing alone.
- Solid understanding of technology control design concepts and how technology risks can manifest even when controls are formally in place.
- Experience across multiple technology domains such as cybersecurity, cloud infrastructure, identity and access management, data platforms, thirdparty technology risk, and system development or change processes.
- Proven ability to communicate complex technology and cyber risks clearly to nontechnical stakeholders, including executive management.
- Demonstrated capability to mentor and develop auditors beyond execution into riskbased thinking and technical judgment.
- Familiarity with relevant frameworks and standards (e.g., COBIT, NIST, ISO, cloud shared responsibility models), with the ability to apply them pragmatically.
- Professional certifications such as CISA, CISSP, CRISC, or relevant cloud/security certifications are desirable but not required.