Senior IT Auditor, Internal Audit
Amazon · Seattle, WA · 2 wk ago
FinanceFull-time
What You'll Do
- Lead audits end-to-end: Scope, plan, execute, and deliver multiple audits across different business areas, balancing depth with efficiency.
- Understand the business behind the systems: Develop a clear view of how products and platforms operate, generate value, and scale — and where failures would have the greatest impact.
- Assess risk in context: Evaluate areas such as access management, data security, system reliability, and development practices — focusing on what truly matters to the business rather than applying controls mechanically.
- Analyze data to inform conclusions: Use data and analytical thinking to identify trends, validate controls, and support risk assessments.
- Translate technical and business issues into business impact: Clearly articulate how risks affect customers, revenue, regulatory exposure, or operational performance.
- Influence and partner with stakeholders: Work directly with senior engineers, product leaders, and business executives to align on risks and drive practical, scalable solutions.
- Drive meaningful outcomes: Ensure audit findings lead to real improvements, not just reports — tracking remediation and holding a high bar for closure.
- Support and mentor others: Help develop junior team members and contribute to raising the overall effectiveness of the team.
What We're Looking For
- Strong commercial acumen: You understand how technology decisions impact business performance, customer experience, and risk — and you prioritize accordingly.
- Balanced technical capability: You are comfortable navigating system architectures and asking the right questions, even if you are not building the systems yourself.
- Experience in complex environments: You have worked in roles involving IT audit, risk, security, engineering, or similar, ideally in large-scale or fast-moving organizations.
- Analytical mindset: You use data and structured thinking to form opinions, challenge assumptions, and support your conclusions.
- Executive communication skills: You can distill complexity into clear, concise messages that resonate with senior stakeholders.
- Stakeholder influence: You are confident engaging with senior leaders, handling pushback, and driving alignment in ambiguous situations.
- Sound judgment: You know when to go deep, when to escalate, and how to balance risk, speed, and business priorities.
- Ownership and independence: You take accountability for outcomes and can operate effectively with limited direction.
Basic Qualifications
- Bachelor's degree in Computer Science, Computer Engineering, Information Management, Information Systems, or other related discipline
- 5+ years of experience in roles involving technology and commercial acumen, finance/tech business partnering, IT audit, risk management, information security, or related fields.
- Experience assessing technology risks in business-critical systems or processes.
Preferred Qualifications
- 7+ years of experience in IT audit, risk management, information security, technology consulting, or related fields.
- Experience working in or auditing technology-driven businesses (e.g., platforms, data systems, consumer products).
- Familiarity with modern technology environments (cloud, distributed systems, data platforms) sufficient to assess risk and challenge stakeholders.
- Experience with or exposure to AI/ML systems, including generative AI tools and platforms.
- Experience using data and analytics to support risk assessments or audits.
- Understanding of control frameworks (e.g., COSO, COBIT, ISO, NIST), with a pragmatic approach to applying them.
- Background in consulting, Big 4, or large technology companies.
- Relevant certifications (e.g., CISA, CIA, CPA, CISSP).