Internal IT Auditor, Senior

Your Role The Senior Internal IT Auditor leads and executes audit engagements, serving as a subject matter resource and ensuring high-quality audit delivery across technology and cybersecurity domains. Your Knowledge and Experience Requires a bachelor's degree or equivalent experience Requires a minimum of 5 years of prior related experience Basic competence and knowledge with support from others of: Financial Accounting and Finance Concepts, Managerial Accounting, Regulatory, Legal and Economics, Quality Framework, Ethics and Fraud, Information Technology, Governance, Risk and Controls, Organizational Theory and Behavior Working knowledge of AI tools, models, and platforms (e.g., generative AI, ML systems), including associated risks, controls, and governance consideration Strong analytical and problem-solving skills Advanced knowledge of auditing typically obtained through advanced education combined with experience May have practical knowledge of project management Certified Information Systems Auditor (CISA), Advanced in AI Audit (AAIA), Certified Information Systems Security Professional (CISSP), Certified Internal Auditor (CIA) and/or Certified Secure Software Lifecycle Professional (CSSLP) highly desired Your Work In this role, you will: Be responsible for performing and leading transactional quality review audits with limited or no supervision Have expert knowledge of transactional quality assurance audit principles and methodology; considered a subject matter expert in multiple functional areas Support risk assessments and development of audit plans for data and AI governance areas Review controls over AI-enabled business processes, including data sourcing, model outputs, decisioning logic, and human oversight mechanisms Leads corrective/ preventive action planning related to transactional audits Assess design and operating effectiveness of controls related to intellectual property (IP) protection, including source code repositories, model artifacts, proprietary algorithms, and data assets Perform audits of DevSecOps pipelines, including CI/CD tooling, automated testing, code promotion, and segregation of duties across development environments Evaluate risks related to use of open-source software, third-party libraries, and external AI services, including licensing compliance, security vulnerabilities, and data leakage Analyze risks associated with data used in software and AI development, including data governance, quality, lineage, privacy, and regulatory compliance (e.g., HIPAA data considerations) Assess AI governance frameworks, including intake, approval, ethical review, monitoring, incident management, and model retirement processes Research issues and shares the findings of that work with varying groups effectively (executives, managers, line staff, etc.) Develop and maintains productive client and staff relationships through individual contacts and group meetings Be proficient in either operational, financial or IT auditing, but not yet an expert. Work still needs oversight to be released and reviewed by Management Work to achieve operational targets with direct impact on BSC departmental results Be responsible for entire projects or processes within BSC annual audit program Communicate with parties within and outside of BSC with the ability to educate others on complex disciplines