CrawlJobs Logo

Senior IT & Cybersecurity Control Testing Auditor

Canada, Montréal · Job Posted July 06, 2026
Apply Position
Job Link Share

Job Description

Randstad Digital is seeking a Senior IT & Cybersecurity Control Testing Auditor for a high-impact contract mandate. Our client is a prominent global player within the financial services and investment banking sector. In this role, you will join a sophisticated risk management team to lead comprehensive reviews within the Annual Control Plan. You will play a pivotal role in evaluating, testing, and mitigating risks associated with information technology, information security, and cyber infrastructure across a complex, multi-jurisdictional environment.

Job Responsibility

  • Design, scope, and execute comprehensive technology and compliance audits focused on general IT controls and application-specific safeguards
  • Lead detailed walkthroughs of business and technology processes to understand operational contexts, map risk landscapes, and evaluate control designs
  • Perform deep-dive assessments of system architectures, which include data analysis, code inspections, and system re-performance to validate security, system availability, and performance
  • Detect vulnerabilities and control deficiencies through rigorous testing, and collaborate with business units to establish robust, timely corrective action plans
  • Synthesize complex audit findings into high-quality, formal reports and deliver clear, actionable presentations to executive stakeholders and business leaders
  • Maintain strategic, ongoing communication lines with Compliance, Risk management, and various lines of business, while assisting management in refining the annual risk-based audit plan

Requirements

  • Bachelor’s degree (B.A./B.S.) in Computer Science, Cyber Security, Engineering, or a related technical discipline
  • 7 to 11 years of professional experience within financial services, investment banking, or broker-dealer corporate environments
  • 3 to 5 years of specialized experience auditing physical, logical, system, or cybersecurity controls using industry-standard auditing frameworks
  • Strong understanding of high-risk security domains, including Identity & Access Management (IAM), data encryption, firewalls, intrusion detection/prevention, and insider threats
  • Proficiency with industry frameworks and regulations such as NIST, FFIEC, ISO, GDPR, NYSDFS, and FISMA, alongside an understanding of Investment Banking compliance and AML concepts
  • Screening requirement: must be willing to undergo enhanced background vetting including third-party fingerprinting via FINRA
  • Fluency in English (both spoken and written)

Nice to have

  • Familiarity with scripting languages (Python), relational databases (T-SQL, PL/SQL), and data visualization software (PowerBI, Spotfire, Microstrategy)
  • Cloud infrastructure audit experience
  • Holding designations such as CISA, CISSP, CIA, CPA, or relevant securities licenses

What we offer

  • Competitive Compensation: Highly attractive hourly contractor rate commensurate with senior-level expertise
  • Dynamic Corporate Culture: Work within a sophisticated, multinational financial environment that values diversity, collaboration, and continuous professional growth
  • Cutting-Edge Environment: Gain exposure to complex system architectures, modern data analytics pipelines, and advanced cloud technologies
  • Hybrid Flexibility: Enjoy a balanced professional lifestyle with a modern hybrid work model based out of our Montreal hub

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior IT & Cybersecurity Control Testing Auditor

8 matching positions

Senior IT Auditor

We are seeking an experienced Senior IT Auditor with active CISSP and CISA certi...
Location
Location
United States , Fort Lauderdale
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field
  • Active CISSP and CISA certifications (both required)
  • 5–8+ years of IT audit experience (Big 4 or large corporate internal audit preferred)
  • Hands-on experience auditing: Cloud platforms (AWS, Azure, GCP)
  • ERP systems (SAP S/4HANA, Oracle EBS/Fusion)
  • Cybersecurity frameworks (NIST CSF, CIS Controls, ISO 27001)
  • ITGCs, automated controls, and segregation of duties (SoD)
  • Expertise in SOX 404 compliance and PCAOB audit standards
  • Advanced knowledge of COBIT, ITIL, NIST 800-53, and CIS benchmarks
  • Proficient in audit tools: TeamMate+, AuditBoard, Diligent, Workiva, or Alessa.
Job Responsibility
Job Responsibility
  • Lead end-to-end IT audits including planning, scoping, fieldwork, testing (design & operating effectiveness), and reporting for SOX 404, SOC 2, ISO 27001, NIST, and internal risk-based audits
  • Evaluate ITGCs across ERP systems (SAP, Oracle, NetSuite), cloud environments (AWS, Azure, GCP), Active Directory, databases, and network infrastructure
  • Perform integrated audits combining financial, operational, and IT controls with cross-functional audit teams
  • Assess cybersecurity controls (identity/access management, encryption, vulnerability management, incident response, zero trust architecture)
  • Conduct third-party risk assessments and review vendor SOC reports, contracts, and SLA compliance
  • Identify control gaps, quantify risk, and draft actionable, prioritized recommendations
  • Present audit findings and remediation plans to C-suite, Audit Committee, and Board-level stakeholders
  • Mentor junior auditors and co-source resources
  • review workpapers for quality and completeness
  • Stay ahead of emerging risks: AI/ML governance, quantum computing threats, ransomware frameworks, and GenAI security
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
Read More
Arrow Right

Senior IT Auditor

Well-established client of ours is seeking a Senior IT Auditor to join their tea...
Location
Location
United States , Atlanta
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3–6+ years of experience in IT audit, risk, or technology consulting
  • Knowledge of IT control frameworks (e.g., COBIT, NIST, ISO 27001)
  • Experience with SOX and IT compliance
  • Strong communication and analytical skills
  • Relevant certifications (e.g., CISA, CISSP, CIA) preferred
Job Responsibility
Job Responsibility
  • Lead IT audit engagements, including planning, testing, and reporting
  • Assess IT general controls (ITGCs), application controls, and cybersecurity practices
  • Identify control gaps and provide practical recommendations to improve risk posture
  • Support compliance efforts (e.g., SOX, regulatory frameworks)
  • Partner with business and IT stakeholders to understand systems and processes
  • Mentor entry level team members and review audit work
What we offer
What we offer
  • medical, vision, dental, life and disability insurance
  • company 401(k) plan
  • Fulltime
Read More
Arrow Right

Senior IT Auditor

We are seeking an experienced Senior IT Auditor with active CISSP and CISA certi...
Location
Location
United States , Boca Raton
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field
  • Active CISSP and CISA certifications (both required)
  • 5–8+ years of IT audit experience (Big 4 or large corporate internal audit preferred)
  • Hands-on experience auditing: Cloud platforms (AWS, Azure, GCP)
  • ERP systems (SAP S/4HANA, Oracle EBS/Fusion)
  • Cybersecurity frameworks (NIST CSF, CIS Controls, ISO 27001)
  • ITGCs, automated controls, and segregation of duties (SoD)
  • Expertise in SOX 404 compliance and PCAOB audit standards
  • Advanced knowledge of COBIT, ITIL, NIST 800-53, and CIS benchmarks
  • Proficient in audit tools: TeamMate+, AuditBoard, Diligent, Workiva, or Alessa
Job Responsibility
Job Responsibility
  • Lead end-to-end IT audits including planning, scoping, fieldwork, testing (design & operating effectiveness), and reporting for SOX 404, SOC 2, ISO 27001, NIST, and internal risk-based audits
  • Evaluate ITGCs across ERP systems (SAP, Oracle, NetSuite), cloud environments (AWS, Azure, GCP), Active Directory, databases, and network infrastructure
  • Perform integrated audits combining financial, operational, and IT controls with cross-functional audit teams
  • Assess cybersecurity controls (identity/access management, encryption, vulnerability management, incident response, zero trust architecture)
  • Conduct third-party risk assessments and review vendor SOC reports, contracts, and SLA compliance
  • Identify control gaps, quantify risk, and draft actionable, prioritized recommendations
  • Present audit findings and remediation plans to C-suite, Audit Committee, and Board-level stakeholders
  • Mentor junior auditors and co-source resources
  • review workpapers for quality and completeness
  • Stay ahead of emerging risks: AI/ML governance, quantum computing threats, ransomware frameworks, and GenAI security
What we offer
What we offer
  • medical, vision, dental, and life and disability insurance
  • eligible to enroll in our company 401(k) plan
  • free online training
Read More
Arrow Right

Senior IT Auditor

We are seeking a highly experienced and detail-oriented IT Auditor to join the i...
Location
Location
Philippines , Manila
Salary
Salary:
Not provided
cherry.vc Logo
Cherry Ventures
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Technology, Accounting, Computer Science, Cybersecurity, or a closely related field/discipline
  • A minimum of 4 to 5+ years of progressive experience in IT auditing, internal audit, or a related assurance function, with specific experience in public accounting or a publicly traded company
  • Expert knowledge of IT General Controls (ITGC) across complex environments, including security, access management, change management, and operations
  • Proven experience leading IT controls testing for SOX compliance
  • Deep understanding of application controls and key report validation
  • Familiarity with security frameworks (e.g., NIST, ISO 27001) and risk assessment methodologies
  • Highly analytical and detail-oriented with proven problem-solving skills in a technical context
  • Exceptional written and verbal communication skills, with the ability to translate complex technical issues into clear business risks for diverse audiences
  • A self-starter with the ability to independently manage multiple priorities and projects in a fast-paced, dynamic technology environment
  • Proven ability to build strong, collaborative relationships with technical and business stakeholders
Job Responsibility
Job Responsibility
  • Lead and execute comprehensive IT audits, including in-depth testing of IT General Controls (ITGC) across cloud infrastructure, enterprise applications, and the proprietary quoting platform
  • Evaluate the design and operating effectiveness of application controls within key business processes (e.g., Finance, Operations, Marketplace)
  • Perform detailed validation of Key Reports to ensure the accuracy, completeness, and reliability of data
  • Drive IT SOX compliance efforts, including updating narratives, Risk and Control Matrices (RCMs), and process flowcharts, focusing on critical controls for a publicly traded, high-growth tech company
  • Deeply evaluate security configurations, authentication processes, application security measures, and the controls surrounding new system implementations
  • Partner with Technology and Business leaders to uncover technical risks, identify control deficiencies, and recommend practical, high-impact remediation strategies
  • Go beyond compliance to surface critical issues and develop smart, actionable solutions that leverage technology to automate control processes and enhance business efficiency
  • Proactively utilize data analytics tools (e.g., Python, Alteryx) and internal platforms (e.g., AuditBoard) to continuously monitor controls, automate testing, and drive efficiency in audit procedures
  • Prepare clear, concise, and persuasive audit workpapers and reports
  • Craft compelling audit deliverables—from scope definition to final reports—that effectively communicate risk and value to executive leadership
  • Fulltime
Read More
Arrow Right

Senior IT Auditor

Mercury is building a complete finance stack for startups. We work hard to creat...
Location
Location
United States; Canada , San Francisco; New York; Portland
Salary
Salary:
119200.00 - 165500.00 USD / Year
mercury.com Logo
Mercury
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience scoping and planning new, complex audits
  • Comfortable conducting walkthroughs, creating audit test plans, and executing internal controls testing
  • Experience working with financial services companies
  • Working knowledge of laws, regulations and risk management standards for financial services
  • Familiarity with IT control frameworks (e.g., NIST, ISO 27001, COBIT)
  • Exposure to cloud environments (e.g., AWS) and related security controls
  • Experience with security and threat assessments
  • Ability to quickly grasp and understand complex business processes
  • Ability to build relationships/partnerships and work cross-functionally to drive time-sensitive deliverables, issues tracking, and reporting
  • Excellent written and verbal communication skills
Job Responsibility
Job Responsibility
  • Assist in identifying, analyzing, and assessing risk, specifically IT, cybersecurity, and data security related, throughout Mercury
  • Scope and plan multiple audits across Mercury products and operations
  • Conduct process walkthroughs and execute audit testing to confirm the design and operational effectiveness of internal controls
  • Assess compliance with Mercury’s compliance obligations
  • Socialize, document, and report audit issues identified
  • Collaborate with teams to develop appropriate action plans, track audit issue remediation, and conduct issue follow up testing
  • Other duties as assigned
What we offer
What we offer
  • Base salary
  • Equity (stock options)
  • Benefits
  • Fulltime
Read More
Arrow Right

Lead Auditor - Cybersecurity Assurance

General Motors Audit Services (GMAS) is seeking a Lead Auditor, Cybersecurity As...
Location
Location
United States , Detroit
Salary
Salary:
Not provided
gm.com Logo
General Motors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Information Systems, Computer Science, Cybersecurity, or a related field (or equivalent related experience)
  • 5+ years of experience in IT audit, cybersecurity, risk management, or technology assurance, including leading engagements and guiding teams through planning, testing, and reporting
  • Strong understanding of cybersecurity and technology risk, including evaluating confidentiality, integrity, and availability (CIA) across complex, interconnected systems
  • Strong knowledge of internal controls and risk frameworks such as NIST CSF, NIST 800-53, COBIT, ISO 27001, or similar frameworks
  • Understanding of technology infrastructure and operations (e.g., endpoint/server hardening, monitoring, backup/recovery, and change/release practices)
  • Experience assessing controls across core cybersecurity domains such as Identity & Access Management (IAM), privileged access, logging and monitoring, incident response, backup and recovery, vulnerability management, and security configuration controls
  • Strong written and verbal communication skills
  • Demonstrated ability to work independently, exercise sound judgment, manage multiple priorities, and deliver results in a fast-paced environment
  • Domestic travel: 5%–10%. International travel: possible
Job Responsibility
Job Responsibility
  • Lead end-to-end cybersecurity assurance engagements, including scoping, planning, fieldwork, issue development, and reporting
  • Evaluate the effectiveness of cybersecurity controls across key risk areas such as identity and access management, logging and monitoring, vulnerability management, incident response, backup and recovery, and security configuration
  • Apply a risk-based perspective to identify control gaps, emerging threats, and opportunities to improve cybersecurity resilience
  • Review testing workpapers and evidence to ensure conclusions are clear, supportable, and aligned to audit standards and methodology
  • Develop concise, executive-ready reports that clearly articulate risk, root cause, and practical corrective actions
  • Present results and themes to business and technology leaders, including senior management, and align remediation priorities
  • Coach and support team members throughout the audit lifecycle, including testing strategy, issue validation, and stakeholder communication
  • Build strong working relationships with stakeholders across cybersecurity, IT, privacy, compliance, and other relevant functions
  • Contribute to continuous improvement of the cybersecurity assurance program, including risk assessment, planning, and reusable testing approaches
  • Monitor remediation activity and validate that agreed actions appropriately address identified risk
  • Fulltime
Read More
Arrow Right

Staff It Auditor

This is where your work makes a difference. At Baxter, we believe every person—r...
Location
Location
Mexico , Guadalajara
Salary
Salary:
Not provided
https://www.baxter.com/ Logo
Baxter
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent experience in Computer Science, Information Systems, Information Technology, or a related field
  • 2+ years of IT or technology-related experience
  • Experience supporting internal audit, risk management, compliance, or control assurance activities in a regulated or publicly traded environment
  • Foundational understanding of internal controls, audit concepts, and core IT processes, including applications, infrastructure, data, and cybersecurity
  • Strong analytical, problem-solving, and critical-thinking skills
  • Effective written and verbal communication skills, including the ability to detail audit results clearly and professionally
  • Willingness to pursue relevant professional certifications (e.g., CISA, CRISC, CIA, CISSP, CIPM, CIPP, AWS Practitioner)
  • Ability and willingness to travel up to 20–35%, including international travel
Job Responsibility
Job Responsibility
  • Implement IT, cybersecurity, privacy, and coordinated audits in a regulated healthcare environment, following a risk-based audit approach
  • Perform testing of IT General Controls (ITGCs), application controls, automated controls, and information security controls across on-premise and cloud-based environments
  • Support audits of key technology domains, including data interfaces, integrations, and automated processes
  • Assist in identifying control gaps, technology risks, and opportunities for process improvement related to IT governance, risk management, and internal controls
  • Contribute to the development of practical, achievable remediation recommendations that address root causes and support management decision-making
  • Prepare clear, well-documented audit workpapers that fully support audit conclusions in accordance with Internal Audit standards and departmental tools
  • Assist senior and lead auditors with audit reporting, issue validation, and presentations to management
What we offer
What we offer
  • Paid Time Off
  • Employee Health & Well-Being Benefits
  • Continuing Education/Professional Development
  • Support for Parents
  • Employee Assistance Program
  • Fulltime
Read More
Arrow Right

Staff IT Auditor

This is where we value your strategic mindset, technical expertise and passion f...
Location
Location
Mexico , Guadalajara
Salary
Salary:
Not provided
https://www.baxter.com/ Logo
Baxter
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent experience in Computer Science, Information Systems, Information Technology, or a related field
  • 2+ years of IT or technology-related experience
  • Experience supporting internal audit, risk management, compliance, or control assurance activities in a regulated or publicly traded environment
  • Foundational understanding of internal controls, audit concepts, and core IT processes, including applications, infrastructure, data, and cybersecurity
  • Strong analytical, problem-solving, and critical-thinking skills
  • Effective written and verbal communication skills, including the ability to detail audit results clearly and professionally
  • Willingness to pursue relevant professional certifications (e.g., CISA, CRISC, CIA, CISSP, CIPM, CIPP, AWS Practitioner)
  • Ability and willingness to travel up to 20–35%, including international travel
Job Responsibility
Job Responsibility
  • Implement IT, cybersecurity, privacy, and coordinated audits in a regulated healthcare environment, following a risk-based audit approach
  • Perform testing of IT General Controls (ITGCs), application controls, automated controls, and information security controls across on‑premise and cloud-based environments
  • Support audits of key technology domains, including Data interfaces, integrations, and automated processes
  • Assist in identifying control gaps, technology risks, and opportunities for process improvement related to IT governance, risk management, and internal controls
  • Contribute to the development of practical, achievable remediation recommendations that address root causes and support management decision-making
  • Prepare clear, well-documented audit workpapers that fully support audit conclusions in accordance with Internal Audit standards and departmental tools
  • Assist senior and lead auditors with audit reporting, issue validation, and presentations to management
What we offer
What we offer
  • Paid Time Off
  • Employee Heath & Well-Being Benefits
  • Continuing Education/ Professional Development
  • Support for Parents
  • Employee Assistance Program
  • Fulltime
Read More
Arrow Right