GIA IT Audit Specialist

Job #:
req37226

Organization:
World Bank

Sector:
Audit

Grade:
GF

Term Duration:
4 years

Recruitment Type:
International Recruitment

Location:
Washington, DC,United States

Required Language(s):
English

Preferred Language(s):

Closing Date:
7/10/2026 (MM/DD/YYYY) at 11:59pm UTC

Description

Group Internal Audit (GIA) helps to protect and enhance World Bank Group processes by providing independent, objective and insightful risk-based assurance and advisory services. We encourage you to visit our website.

Our IT Audit Staff are passionate about the execution and delivery of assurance and advisory engagements covering IT, Data Management, and other key strategic initiatives of the World Bank Group.

This is an exciting time to join the World Bank Group's Internal Audit Vice Presidency (Group Internal Audit - GIA). In a rapidly evolving risk environment shaped by digital transformation, emerging technologies, and increasing cyber threats, GIA plays a critical role in strengthening governance, risk management, and internal controls across WBG.

We are seeking professionals who bring curiosity, sound judgment, and a collaborative mindset, and who are motivated to contribute to high-quality assurance and advisory work in complex, technology-enabled environments.

The Role
IT Audit professionals at the Audit Specialist level contribute to assurance and advisory engagements across a broad range of technology domains and strategic initiatives. The role is designed for experienced professionals who can independently assess risks, execute audit procedures, and develop clear, practical, and risk-based insights in complex, technology-enabled environments.

Key responsibilities include:
• Leading sections of risk assessments of business units, processes, and technologies to inform audit planning
• Managing multiple audit and advisory engagements in parallel, including leading assigned workstreams with limited supervision
• Executing audit procedures across areas such as technology governance, cybersecurity, cloud and hybrid environments, data governance, enterprise platforms, and digital transformation initiatives
• Assessing risks and controls related to emerging technologies, including artificial intelligence (AI), automation, APIs, and modern application architectures
• Developing process documentation, control narratives, audit work programs, and testing approaches
• Performing control testing, conducting stakeholder interviews, and documenting audit results
• Drafting clear findings and developing practical, risk-based insights for management consideration
• Contributing to integrated audits that span business processes, systems, data, and technology domains
• Using data analytics, automation, and technology-enabled audit techniques to enhance risk assessment, testing, and insight generation.

Selection Criteria

Successful candidates will demonstrate strong experience in IT audit, technology risk, or related fields, along with the ability to assess current and emerging technology risks, work independently, and contribute effectively in complex, team-based environments:
• At least 5 years of experience in IT audit, technology risk, cybersecurity, digital assurance, or related advisory roles, preferably in complex environments such as financial institutions, consulting firms, or international organizations
• Master's degree or equivalent experience with Bachelor's degree;
• CISA certification required; other relevant certifications (e.g., CISSP, CRISC, CISM, CIA, or cloud/security certifications) are strongly preferred
• Experience supporting audits, advisory engagements, or projects involving technology-enabled processes, system implementations, or digital transformation initiatives
• Practical exposure to key risk domains such as cybersecurity, cloud computing, data protection, and identity and access management
• Awareness of emerging technology risks, including AI governance, automation, cloud adoption, cyber resilience, and third-party risk
• Good understanding of enterprise technology environments, including infrastructure, applications, data, and secure development practices
• Experience using data analytics or other technology-enabled audit techniques to support assurance activities
• Ability to identify and assess risks related to evolving threat landscapes, including areas such as ransomware, data privacy, and operational resilience
• Strong analytical, communication, and stakeholder engagement skills, with the ability to synthesize information and communicate clearly
• Ability to work effectively in multidisciplinary and multicultural teams, with a collaborative, adaptable, and learning-oriented mindset
• Effective oral and written communications skills
• Demonstrates a continuous improvement mindset, openness to feedback, and willingness to develop expertise in evolving business, technology, and risk environments while working collaboratively across functions.

WBG Culture Attributes:

1. Sense of urgency: Anticipate and quickly respond to the needs of internal and external stakeholders.
2. Thoughtful risk-taking: Challenge the status quo and push boundaries to achieve greater impact.
3. Empowerment and accountability: Empower yourself and others to act and hold each other accountable for results.

World Bank Group Core Competencies

The World Bank Group offers comprehensive benefits, including a retirement plan; medical, life and disability insurance; and paid leave, including parental leave, as well as reasonable accommodations for individuals with disabilities.

Learn more about working at the World Bank and IFC including our values and inspiring stories.