Senior Internal Auditor, IT

Under the general direction of the Manager, IT Audit, the Senior IT Auditor is responsible for leading, executing, and reporting on IT and cybersecurity audit engagements, as well as leading or participating in consulting engagements. This role requires a strong combination of technical expertise, analytical skills, communication abilities, and business acumen. As a key member of the Internal Audit team, you will collaborate with stakeholders across GCE to assess risks, strengthen controls, and drive continuous improvement.

Key Accountabilities

• Lead and conduct IT and cybersecurity assurance and consulting engagements, including planning, fieldwork, recommendations, client interactions, and report writing for highly technical areas of current and emerging technologies such as IT General Controls, cybersecurity, cloud computing, AI, vulnerability management, network and endpoint security, business continuity, and others. Utilize current industry frameworks like COBIT, NIST, CIS, etc., while adhering to IIA Professional Standards.
• Design and develop risk-based audit programs and related procedures to address engagement objectives. Complete testing and working papers within target dates, ensuring sufficient evidence is gathered to meet the objectives of the engagement.
• Evaluate and investigate audit observations to identify the root causes of control deficiencies. Write concise, risk-focused reports with practical recommendations. Communicate and engage diplomatically and tactfully with stakeholders regarding audit observations, risks, and recommendations. Foster open communication with Internal Audit team members, employees, management, risk, and other organizational partners in areas such as risk management, governance, regulatory compliance, and internal policies/procedures.
• Keeps up to date with relevant governance, risk management, and IT/cybersecurity frameworks (e.g., COBIT, NIST), as well as leading industry practices and trends, to identify potential technology risks for consideration in specific engagements or annual audit planning
• As a technology subject-matter expert within the Internal Audit team, contributes to and assists Internal Audit team members in technology-related aspects of the annual audit plan, as needed.
• Provide assistance with annual external audit duties, as needed.

Education and Qualifications

• Bachelor's degree in computer science, Management Information Systems, or a related field.
• CISA, CISSP, CISM, CRISC, CIA, or another relevant IT certification preferred.
• Minimum of 5 years of IT audit experience.
• Proven knowledge of IT, information security, IT general controls, and technology risks.
• Strong organizational, time management, and project management skills.
• Excellent interpersonal skills, with the ability to interact effectively and build relationships at all levels of the organization.
• Strong written and verbal communication skills, with the ability to present information clearly and concisely to both technical experts and senior leadership.
• Advanced proficiency in MS Office, data analytics tools, GRC, and other IT-related software.
• Self-motivated and quick learner, able to work independently in a fast-paced environment, guided by established practices, and apply sound judgment to identify, troubleshoot, and resolve business, functional, and operational issues.
• Ability to travel to various sites within Canada.