Senior IT Internal Auditor at Shift5

Center Valley, Pennsylvania, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Technology, Payments, CommerceIndustries

Requirements

Bachelor’s degree in information systems, Computer Science, Accounting, or related field
3–5 years of experience in IT audit, SOX compliance, or IT risk management within a public company or public accounting firm
Strong understanding of SOX 404 requirements, COSO 2013 framework, and PCAOB AS 2201 standards
Working knowledge of ITGC domains (access, change management, IT operations) and IT application control testing
Proficiency with key financial systems such as Oracle Fusion, NetSuite, BlackLine, Okta, and experience in testing system-generated reports for completeness and accuracy
Strong analytical, organizational, and communication skills; ability to work effectively with IT and business stakeholders
Preferred
Professional certification(s): CISA, CIA, or CISSP (in progress or obtained)
Experience with audit management software (e.g., AuditBoard, Workiva, SOXHUB) and data analytics tools (e.g., SQL, Power BI)
Background in payment processing, fintech, or financial services industries

Responsibilities

Lead the planning and execution of IT SOX testing, including ITGCs (access management, change management, computer operations) and automated application controls supporting financial reporting
Collaborate with Internal Audit leadership in defining the annual SOX ITGC audit plan, ensuring alignment with enterprise risks and external audit reliance strategies
Evaluate the control design and operating across applications, databases, and infrastructure layers relevant to ICFR
Partner with external auditors (PwC) to coordinate testing activities, ensure timely evidence delivery, and support reliance on IT control testing
Perform system walkthroughs with IT owners to validate process flows, system configurations, and key dependencies related to SOX key controls
Test automated and IT-dependent controls, verifying report completeness and accuracy through system queries, metadata analysis, and data validation procedures
Assess remediation actions for control deficiencies, provide recommendations, and follow up on corrective measures to ensure effective control
Document audit work in compliance with IIA and PCAOB standards, ensuring completeness, accuracy, and clarity in workpapers
Support integrated audits by coordinating with business process auditors to assess the combined impact of IT and operational controls
Participate in IT risk assessments to evaluate emerging risks from system changes, new implementations, cybersecurity threats, and data integrity issues
Conduct or support special IT reviews, including system migrations, segregation of duties (SoD) analyses, and security configuration audits

Skills

Key technologies and capabilities for this role

SOX 404ITGCOracle FusionNetSuiteOktaBlacklineMuleSoftPCAOBCOSOIIAaccess managementchange managementcomputer operationsICFR

Questions & Answers

Common questions about this position

Is this a remote role or does it require office presence?

This is a hybrid role based in the Center Valley, PA office.

What systems will I be working with in this role?

The role involves IT SOX testing across critical systems such as Oracle Fusion, NetSuite, Okta, Blackline, and MuleSoft.

What are the key responsibilities of the Senior IT Internal Auditor?

Key responsibilities include leading IT SOX testing for ITGCs and automated controls, collaborating with IT leadership and external auditors like PwC, performing system walkthroughs, testing controls, and documenting audit work per IIA and PCAOB standards.

What is the required education for this position?

A Bachelor’s degree is required.

What collaboration is involved in this role?

The role requires strong collaboration with IT leadership, business process owners, external auditors (PwC), and an interim third-party co-sourcing provider.

Shift5

Observability platform for operational technology

About Shift5

Shift5 offers an observability platform that focuses on cybersecurity and data analytics for operational technology (OT) in defense and transportation sectors. The platform collects and analyzes data from onboard systems, such as buses and weapon systems, and is protocol-agnostic, allowing it to adapt to various data communication protocols. By providing real-time insights, Shift5 helps clients improve safety, maintenance scheduling, and threat detection. The company's goal is to enable better decision-making to enhance the reliability and performance of their fleets.

Kansas City, MissouriHeadquarters

2019Year Founded

$104.1MTotal Funding

SERIES_BCompany Stage

Data & Analytics, CybersecurityIndustries

51-200Employees

Benefits

Health Insurance

Dental Insurance

Vision Insurance

Health Savings Account/Flexible Spending Account

Unlimited Paid Time Off

Flexible Work Hours

Remote Work Options

401(k) Retirement Plan

401(k) Company Match

Employer-paid Life and Disability Insurance

Risks

Emerging OT cybersecurity startups could threaten Shift5's market share.

Rapid evolution of cyber threats may outpace Shift5's technological capabilities.

Economic downturns could lead to reduced budgets for cybersecurity solutions.

Differentiation

Shift5 offers a protocol-agnostic platform adaptable to any data communication protocol.

The company provides real-time, data-driven insights for defense and transportation sectors.

Shift5's platform enhances safety, availability, and resilience of operational technology assets.

Upsides

Growing demand for cybersecurity in transportation due to rising cyber threats.

Increased interest in predictive maintenance technologies to reduce costs and improve reliability.

U.S. Department of Defense's focus on cybersecurity presents opportunities for Shift5.

Land your dream remote job 3x faster with AI

Try Jobo Free