Internal IT Auditor (San Miguel Topilejo)

Internal IT Internal Auditor

Mission

The Internal IT Internal Auditor is responsible for ensuring compliance with Sarbanes-Oxley (SOX) requirements over IT controls, execution of operational risk based audits strengthening the organization’s internal control environment, and providing risk-based assurance and advisory services over technology, cybersecurity, and system-enabled processes.

Main Activities

• Perform regulatory compliance audits for Internal IT General Controls (ITGCs), IT Application Controls, Key Reports, and system implementations.
• Evaluate the design and operating effectiveness of IT controls supporting internal control over financial reporting (ICFR).
• Perform walkthroughs, control testing, and documentation for IT SOX processes, including narratives, risk and control matrices, and flowcharts.
• Evaluate control deficiencies, perform root cause analysis, and collaborate with control owners to develop and monitor remediation plans.
• Serve as the primary liaison with external auditors for IT SOX matters, coordinating testing, evidence requests, and issue resolution.
• Execute risk-based audit plans for IT systems, applications, and infrastructure in line with the organizational objectives.
• Assist with IT risk assessments to identify, assess, and prioritize technology-related risks impacting business operations and financial reporting.
• Prepare clear, concise audit reports summarizing findings, risks, and management action plans.
• Provide proactive risk and control advisory on system upgrades, new technology implementations, cybersecurity initiatives, and cloud environments.
• Leverage audit management tools (AuditBoard/Optro) to manage SOX program, new standards and frameworks, dashboards, risk registers, and documentation repositories.
• Apply data analytics, automation, and Artificial Intelligence tools to enhance audit quality, efficiency, and coverage.
• Continuously monitor regulatory updates, IT audit standards, and best practices, integrating changes into audit programs and procedures.

Other

• Follow corporate policies, procedures, and internal audit standards.
• Respect and adhere to company values, code of ethics, and confidentiality requirements.
• Act as a trusted advisor to IT and business stakeholders, promoting a culture of strong controls and risk awareness.
• Build credibility and trust with stakeholders to drive change and influence desired outcomes without direct authority.
• Perform other duties as required by the Internal Audit function.

Requirements

• Bachelor’s degree in Information Technology, Accounting, Finance, or a related field (required).
• Minimum 2 years of experience in IT audit, IT internal controls, or public accounting with a technology focus.
• Strong knowledge of SOX, COSO, and IT control frameworks.
• Professional certifications such as CISA, CIA, CISSP, or equivalent are strongly preferred.
• Experience with AuditBoard (Optro) is preferred.
• Knowledge of Microsoft Dynamics D365 is preferred.
• Knowledge of cybersecurity and IT frameworks (e.g., NIST, COBIT).
• Experience auditing cloud environments such as AWS or Azure.
• Strong verbal and written communication skills in English; Spanish proficiency preferred.
• Ability to work independently, manage multiple priorities, and meet deadlines in a fast‑paced environment.

Travel Requirements

• Availability to travel domestically and internationally as required.
• Possession of a valid passport and ability to obtain required visas.
• Ability to comply with corporate travel and expense policies.

Competencies

• Planning and organization
• Problem solving
• Analytical thinking
• Attention to detail
• Confidentiality and professional ethics
• Stakeholder influence and communication