Global Head of Technology and Cybersecurity Internal Audit
CSC · United States · 1 wk ago
RemoteRemoteInformation Technology$150k–$171k/yrFull-time
Responsibilities
- Design and maintain a risk-based technology and cyber internal audit plan aligned to enterprise risks, regulatory expectations, and the evolving threat landscape.
- Lead and oversee end-to-end technology, cybersecurity, IT, and data-related internal audits across global operations, including audit planning, risk assessment, execution, reporting, and issue validation.
- Oversee the execution of IT and cybersecurity audits performed by third-party providers, ensuring work quality, adherence to Internal Audit standards, alignment with CSC’s risk framework, and appropriate coverage of key risks and controls.
- Provide independent assurance over information security, cyber resilience, cloud environments, identity and access management, data protection, third-party risk, and technology resilience.
- Evaluate controls supporting compliance with relevant regulations, standards, and frameworks (e.g., GDPR, ISO 27001, DORA, NIST, and other regional supervisory expectations).
- Cybersecurity, Technology & AI Focus:
- Assess the maturity and effectiveness of cybersecurity governance, incident response, threat management, and vulnerability management programs from an internal audit perspective.
- Lead audits and risk assessments covering cloud infrastructure, SaaS platforms, system development life cycles, and emerging technologies.
- Evaluate the design and use of AI and advanced analytics within the organization, including governance, model risk, data quality, ethical use, and cybersecurity implications from an internal audit perspective.
- Serve as a trusted advisor on emerging technology risks, including AI adoption, automation, and digital transformation initiatives.
Qualifications
- 8+ years of progressive experience in internal audit, technology risk, IT audit, or cybersecurity.
- Proven experience working within large, international organizations operating in highly regulated environments (e.g., financial services, fintech, global services, or complex multinationals).
- Deep expertise in technology and cybersecurity risk management, including cloud, data, infrastructure, and third-party ecosystems.
- Strong understanding of internal control frameworks, regulatory requirements, and supervisory expectations across multiple jurisdictions.
- Bachelor’s degree in Computer Science, Information Security, Engineering, or equivalent.
- Professional Credentials: CIA, CISA, CISSP, CRISC, or equivalent preferred.
Key Attributes
- Executive-level communication and presentation skills.
- Strong judgment with the ability to balance risk, control, and innovation.
- Ability to operate effectively across cultures, regions, and time zones.
- Willingness to travel to CSC Headquarters in Wilmington, DE on a quarterly basis and internationally as required.