Job DescriptionYour RoleThe Senior Internal IT Auditor leads and executes audit engagements, serving as a subject matter resource and ensuring high-quality audit delivery across technology and cybersecurity domains.
ResponsibilitiesYour WorkIn this role, you will:
- Be responsible for performing and leading transactional quality review audits with limited or no supervision
- Have expert knowledge of transactional quality assurance audit principles and methodology; considered a subject matter expert in multiple functional areas
- Support risk assessments and development of audit plans for data and AI governance areas
- Review controls over AI-enabled business processes, including data sourcing, model outputs, decisioning logic, and human oversight mechanisms
- Leads corrective/ preventive action planning related to transactional audits
- Assess design and operating effectiveness of controls related to intellectual property (IP) protection, including source code repositories, model artifacts, proprietary algorithms, and data assets
- Perform audits of DevSecOps pipelines, including CI/CD tooling, automated testing, code promotion, and segregation of duties across development environments
- Evaluate risks related to use of open-source software, third-party libraries, and external AI services, including licensing compliance, security vulnerabilities, and data leakage
- Analyze risks associated with data used in software and AI development, including data governance, quality, lineage, privacy, and regulatory compliance (e.g., HIPAA data considerations)
- Assess AI governance frameworks, including intake, approval, ethical review, monitoring, incident management, and model retirement processes
- Research issues and shares the findings of that work with varying groups effectively (executives, managers, line staff, etc.)
- Develop and maintains productive client and staff relationships through individual contacts and group meetings
- Be proficient in either operational, financial or IT auditing, but not yet an expert. Work still needs oversight to be released and reviewed by Management
- Work to achieve operational targets with direct impact on BSC departmental results
- Be responsible for entire projects or processes within BSC annual audit program
- Communicate with parties within and outside of BSC with the ability to educate others on complex disciplines
QualificationsYour Knowledge and Experience- Requires a bachelor's degree or equivalent experience
- Requires a minimum of 5 years of prior related experience
- Basic competence and knowledge with support from others of: Financial Accounting and Finance Concepts, Managerial Accounting, Regulatory, Legal and Economics, Quality Framework, Ethics and Fraud, Information Technology, Governance, Risk and Controls, Organizational Theory and Behavior
- Working knowledge of AI tools, models, and platforms (e.g., generative AI, ML systems), including associated risks, controls, and governance consideration
- Strong analytical and problem-solving skills
- Advanced knowledge of auditing typically obtained through advanced education combined with experience
- May have practical knowledge of project management
- Certified Information Systems Auditor (CISA), Advanced in AI Audit (AAIA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA) and/or Certified Secure Software Lifecycle Professional (CSSLP) highly desired
Our Workplace Model: We believe in fostering a workplace environment that balances purposeful in-person collaboration with flexibility - providing clear expectations while respecting the diverse needs of our workforce. Our workplace model is designed around intentional in-person interaction, collaboration, connection, creativity and flexibility:
- For most teams, this means coming into the office two days per week.
- Employees living more than 50 miles from an office location, out of state employees, and employees in certain member-facing roles should work with their manager to determine in-office time based on business need.
- For employees with medical conditions that may impact their ability to work in-office, we are committed to engaging in an interactive process and providing reasonable accommodations to ensure their work environment is conducive to their success and well-being.
The Company reserves the right to require more presence in the office based on business needs, and requirements are subject to change with periodic reviews.
Physical Requirements:Office Environment - roles involving part to full time schedule in Office Environment. Based in our physical offices and work from home office/deskwork - Activity level: Sedentary, frequency most of work day.
Please click here for further physical requirement detail.
