OverviewMicrosoft Internal Audit is seeking an IT Auditor to evaluate risks, controls, and governance across cloud services, datacenter operations, infrastructure, cybersecurity, networking, software engineering, and emerging technologies, including AI. In this role, you will assess whether technology systems and processes effectively manage risk and support secure, reliable, and scalable operations.
As an individual contributor, you will lead risk-based audits across planning, fieldwork, reporting, and follow-up, partnering with engineering, operations, security, and business stakeholders to identify control gaps, evaluate technology risks, and provide objective insights.
This role is ideal for professionals who enjoy understanding complex systems, identifying improvement opportunities, and communicating technical risks to both technical teams and executive leadership.
Responsibilities- The IT Auditor is responsible for evaluating risks and controls for software development, service operation, IT infrastructure, security, and related processes. This evaluation will be accomplished by conducting internal audit projects to include the communication of observations, risks, recommendations, and conclusions reached, as well as providing consulting services regarding risk and controls on a wide range of projects and corporate initiatives.
- Conduct reviews in highly technical areas of current/emerging technologies including artificial intelligence, various cloud environments, security, networking, Windows, and Unix.
- Remain current and increase knowledge in the areas of auditing, business, company products and company information and Microsoft technologies, applications and other related technologies, utilizing self-study and/or continuing education efforts.
- Develop draft audit reports by identifying and gathering support for potential issues, and recommending solutions.
- Utilize departmental audit systems to manage projects, work papers, risk assessment, reporting and reporting follow-up.
- Communicate with departmental representatives and client management regarding the project status.
- Coordinate with external auditors (as needed), and work with outside contractors with respect to specific IT audit engagements.
- Establish and maintain proficient customer relationships with internal stakeholders, managers and staff.
QualificationsRequired/minimum qualifications
- Bachelor's Degree in Business, Computer Science, Engineering, or related field AND 3+ years auditing, security, privacy, control and compliance, or related experience OR equivalent experience.
Additional or preferred qualifications
- A BS/BA degree, preferably in information systems, computer science, engineering or other related IT field or a minimum of 5 years of experience in hardware or software product development, IT audit, IT Assurance or closely related field, security operations.
- Knowledge of external leading risk and controls frameworks such as COBIT (Control Objectives for Information and related Technology), ISO27000, NIST, and IT related internal controls.
- Professional certification such as CISSP, GIAC, MCP, CCNA, CISA, CIA, AZ-500, or AZ-104.
- Experience with cloud operations, networks, security and specialized skills and experience.
- Experience conducting datacenter audits and staying abreast of Artificial Intelligence (AI) developments.
Information Systems Auditing IC3 - The typical base pay range for this role across the U.S. is USD $77,800 - $153,700 per year. There is a different range applicable to specific work locations, within the San Francisco Bay area and New York City metropolitan area, and the base pay range for this role in those locations is USD $102,200 - $169,900 per year.
Certain roles may be eligible for benefits and other compensation. Find additional benefits and pay information here:
https://careers.microsoft.com/us/en/us-corporate-pay
This position will be open for a minimum of 5 days, with applications accepted on an ongoing basis until the position is filled.