This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
We are looking for an experienced IT audit specialist to support a passwordless authentication audit for a long-term contract engagement based in Cincinnati, Ohio. This role is well suited for a manager or senior consultant who brings strong knowledge of authentication controls, infrastructure environments, and audit execution within complex enterprise settings. The assignment is expected to begin in late June and will contribute to key Q3 audit efforts, with a focus on assessing control design, technical implementation, and risk exposure related to passwordless authentication.
Job Responsibility
Lead and support audit activities focused on passwordless authentication controls, including planning, walkthroughs, testing, and documentation
Evaluate authentication processes across infrastructure and directory services to identify control gaps, risks, and areas requiring remediation
Review Microsoft Active Directory configurations and related access controls to assess alignment with security and audit expectations
Analyze IT application controls and broader IT general controls that support identity, access, and authentication processes
Partner with stakeholders to gather evidence, clarify technical configurations, and validate how passwordless authentication is implemented in the environment
Develop clear audit observations, risk summaries, and supporting workpapers that can be used for reporting and follow-up activities
Apply audit frameworks and control standards, such as COBIT and ITGC principles, when assessing the effectiveness of the control environment
Contribute subject matter expertise during Q3 audit execution and provide practical recommendations to strengthen authentication governance and control maturity
Requirements
Proven experience performing technology audits with direct involvement in authentication, identity, or access control reviews
Strong understanding of passwordless authentication methods and the risks, control considerations, and testing approaches associated with them
Hands-on knowledge of Microsoft Active Directory and supporting infrastructure or networking concepts relevant to authentication services
Experience evaluating IT application controls, IT general controls, and audit findings in enterprise environments
Ability to create structured audit programs, document test results, and communicate issues in a clear and concise manner
Familiarity with recognized audit and control frameworks, including COBIT
Background at the Manager, Senior Consultant, or comparable senior delivery level within audit or advisory engagements