Info Technology Risk & Controls Assurance – Internal Audit IT (No Travel)

Info Technology Risk & Controls Assurance – Internal Audit IT (No Travel)


This position offers the opportunity to analyze end to end IT & Security service operations and the complex tools and applications that enable them, while keeping your knowledge paced with emerging technology and industry trends in cyber security. In addition, you will review and analyze IT governance processes, as well as develop and perform continuous auditing techniques leveraging data analytics to provide ongoing coverage for the Audit Committee of the Board of Directors and Senior Management. The role provides the unique opportunity to assess and help improve the control environment, with a focus on delivering risk based assurance and advisory audit services. In this role you would receive:
• Diverse assignments in key IT service, technology and security areas
• Progressively challenging assignments in high and emerging risk areas such as cyber, public cloud as a service, DevOps, business process automation (aka, Robotics), etc.
• Approximately 40 hours of continuing professional education each year, including training in technology, auditing and personal development skills


  1. • Grasp emerging technology risk concepts to be able to advise on existing technology as well as implementation efforts
  2. • Examine key operational and information technology/security processes and risks
  3. • Working knowledge of industry frameworks/guidance (e.g., NIST CSF, CIS Critical Security Controls, etc.) and an ability to assess against them
  4. • Have a solid grasp of governance structures
  5. • Test controls in place to mitigate risks and conclude effectively on test results
  6. • Identify improvement opportunities and control enhancements
  7. • Successfully lead and participate on audits/projects, and develop reporting to senior levels of management
  8. • Produce automated work papers clearly and comprehensively documenting understanding of control procedures and results of work performed
  9. • Leverage data analytics to detect potential issues and/or quantify findings, as well as develop continuous auditing techniques


  1. • 4 to 6 years of experience in a Technical Audit role, providing assurance coverage over complex IT shared services (e.g., database, server, and network infrastructure, public cloud services, etc.) and security operations (e.g., firewalls, IDS/IPS, vulnerability management, etc.)
  2. • Strong critical thinking and problem solving skills, as well as an ability to piece together the ‘big-picture’ (vision/strategy, forward thinker)
  3. • Ability to express views/opinions clearly both orally and in writing [strong work paper documentation skills; Service Owner Control report experience (SSAE16/SOC 1 and/or AT101/SOC2) desired]
  4. • Minimum of a Bachelor’s Degree required
  5. • Preference for professional certification (e.g., CISA, CISSP, GCCC)


$80,000 - $100,000 + Bonus


Greater Hartford, CT

Contact Us to discuss this position