Senior Information Technology Auditor

Ziff Davis (NASDAQ: ZD) is a vertically focused digital media and internet company whose portfolio includes leading brands in technology, shopping, gaming and entertainment, health and wellness, connectivity, cybersecurity and martech.

In addition to growing our business organically, we regularly acquire businesses to grow our customer bases, expand and diversify our service offerings, enhance our technologies, acquire skilled personnel and enter into new markets.

About the Position:

As a Senior IT Internal Auditor, you would play a key role in evaluating and strengthening the organization’s IT governance, security, and compliance. You will be responsible for assessing technology risks, conducting IT audits, and providing actionable recommendations to improve the efficiency and security of IT systems, processes, and controls.

You will collaborate with cross-functional teams, including IT, Information Security (InfoSec), Accounting and Finance to ensure alignment with industry best practices and regulatory requirements.

Key Responsibilities:

• Lead IT Audits: Plan and execute IT audits, including IT general controls (ITGCs) and IT application controls (ITACs).
• Risk Assessment & Management: Identify, evaluate, and mitigate IT risks by assessing the security of systems, networks, and processes.
• Compliance & Regulatory Oversight: Ensure adherence to industry regulations and frameworks such as SOX, COBIT, SOC, and ISO 270001.
• IT Governance & Policy Review: Assess IT policies, procedures, and frameworks to enhance governance and align with industry best practices.
• Third Party SOC 1 Reviews: Evaluate third party SOC 1 reports, including understanding the description of the service organization’s system, control objectives, and testing results, to ensure alignment with internal control requirements and to determine the impact of any control deficiencies.
• Audit Reporting & Documentation: Prepare clear, concise process and system flowcharts, audit reports with findings, risk analysis, and actionable recommendations for senior leadership.
• Collaboration & Advisory: Work with IT, compliance, and necessary business management teams to strengthen controls and improve security posture.
• Continuous Improvement & Innovation: Stay updated on emerging IT risks, technologies, and audit methodologies to enhance audit effectiveness.
• Mentorship & Leadership: Guide staff auditors and assist with the development of their skills.

• Bachelor's degree in Information Systems, Computer Science, Information Technology, or a related field.
• 4+ years of IT audit or IT risk management experience.
• 2+ years experience working at a Big 4 Accounting firm.
• Professional certifications such as CISA, CISM, CISSP, CRISC, or CIA strongly preferred. If a CISA is not held, it must be pursued in first year.
• Experience with performing walkthroughs, documenting, and testing most types of ITGC’s, and ITAC’s.
• Experience with major enterprise applications: Oracle Cloud Fusion, Salesforce and AWS preferred.
• Experience with all layers of an IT infrastructure (Applications, Operating Systems, Databases, and Networks).
• Strong knowledge of IT frameworks and regulations (e.g. SOX, SOC, COBIT, NIST, ISO 27001).
• Strong fundamental understanding of audit assertions and when each of them are necessary.
• Proficient understanding of financial reporting, how to evaluate a financial reporting process, and ICFR audits.
• Strong writing, problem-solving, critical thinking, data analytics and communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.

• A fast growing, acquisitive, dynamic, and innovative work environment.
• Competitive salary and benefits package.
• Fully remote and flexible on location.
• Opportunities for professional development and obtaining certifications are strongly encouraged and supported.