Internal Audit Director - IT Manager

The Internal Audit Director - IT Manager is a strategic transformation leader responsible for the organization’s technology risk landscape. This role goes beyond traditional oversight; you will act as a technologist within the audit function, leveraging AI and data science to automate control environments while ensuring the digital backbone of our global operations—including Manufacturing and M&A integrations—remains secure, compliant, and efficient.

Individual contributor with significant leadership and cross-functional influence

Responsibilities: 

Innovation, AI & Audit Transformation

• AI-Enabled Control Testing: Architect and implement AI/Machine Learning models to transition from manual sample-based testing to 100% population testing.
• Annual SOX Audit: Lead SOX IT control design and operating effectiveness including identification of gaps, operating deficiencies, remediation plan and partnership with process owners to optimize control environment 
• Audit Workflow Automation: Leverage Generative AI and Robotic Process Automation (RPA) to automate the documentation of walkthroughs, drafting of audit reports, and the mapping of controls to regulatory frameworks.
• Continuous Control Monitoring (CCM): Partner with IT to build real-time dashboards that monitor key risk indicators (KRIs), moving the department toward a "continuous audit" model.
• Predictive Risk Insights: Use data signals to identify emerging risks in the Quote-to-Cash and Manufacturing cycles before they manifest as material weaknesses.
• Lead the development of automated risk-sensing capabilities and Key Risk Indicators (KRIs) within the ERM framework, leveraging data analytics to provide real-time assurance over tech-stack dependencies and third-party vendor ecosystems

Business Process & Systems Excellence

• Automated Control Testing: Review the automated controls within core value streams such as Quote-to-Cash (Q2C) and Procure-to-Pay (P2P) to ensure data integrity and system reliability.
• Annual SOX Audit: Lead SOX control design and operating effectiveness including ITGC’s,  identification of gaps, operating deficiencies, remediation plan and partnership with process owners to optimize control environment
• SDLC & Implementation: Perform pre- and post-implementation reviews for major system upgrades or ERP deployments to prevent "go-live" control failures.

Business Combinations & M&A Integration

• IT Due Diligence: Lead IT-focused risk assessments for business combinations, evaluating the target company’s security posture and control maturity.
• Post-Merger Integration (PMI): Direct the integration of acquired entities into the corporate Internal Control Framework (COSO), managing the risks associated with data migration and system cutovers.

SOX & Regulatory Compliance (GovCon Focus)

• ITGC Ownership: Lead the testing of IT General Controls (ITGC) and IT Application Controls (ITAC) for SOX 404 compliance.
• Regulatory Standards: Ensure IT systems meet stringent government contracting standards, including NIST 800-171, CMMC, and FAR/DFARS requirements.

You’d be a good fit with: 

Experience & Education

• Education: Bachelor’s degree in Management Information Systems (MIS), Computer Science, or Accounting.
• Experience: 8–10+ years of progressive experience in IT Audit, IT Risk, or Cyber Consulting (Big 4 or large-scale complex corporate environments preferred).

Technical & Professional Skills

• Certifications: CISA required. CISSP, CRISC, or CISM highly preferred.
• Framework Mastery: Deep understanding of COBIT, NIST, ISO 27001, and the COSO Internal Control Framework.
• Influencing Without Authority: Exceptional "executive presence" with the ability to translate complex "tech-speak" into actionable business risks for senior leadership and IIA Standards.

You’d be a great fit with:

• M&A Track Record: Proven experience managing IT control transitions during business combinations or system consolidations.
• Industry Savvy: Strong background in manufacturing or organizations engaged in government contracting.“Nice-to-haves” / desired or preferred experience
• Modern Audit Toolkit: Hands-on experience with SQL, Python, or AI-based audit tools (e.g., Alteryx, MindBridge, or custom GPT agents). 
• Systems & Data: Proficiency in ERP systems (Netsuite/Oracle, Snowflake/DataBricks)

Location: College Park, MD
Travel: Up to 25% 
Job ID: 1383

The approximate base salary range for this position is $128,445 - $167,497. The total compensation package includes base, bonus, and equity.