Semi-Senior IT Auditor

About the Role

A career in Technology Risk at RAi will enable you to play a meaningful role in evaluating the design and operating effectiveness of technology controls, and in giving clients actionable insights into their IT environments and business processes.

You will conduct controls testing and risk assessments across a diverse client base, working collaboratively across sectors and service lines on engagements that span IT audit, cybersecurity assurance, ERP reviews, and emerging technology risk including cloud, AI, and automation.

As a Semi-Senior IT Auditor, you will take on growing responsibility for delivery quality, client interaction, and the development of junior team members, while continuing to deepen your technical expertise in a fast-evolving discipline.

Key Responsibilities

• Plan, scope, and execute risk-based IT audit engagements across diverse industries and technology environments, with the support of the senior in charge of the engagement.
• Design and perform test procedures for IT General Controls (ITGCs) covering logical access, change management, IT operations, and segregation of duties etc.
• Test and document application controls, automated business process controls, and key reports (including IPE) across ERP platforms (SAP, Oracle, MS Dynamics) and cloud environments.
• Conduct walkthroughs with control owners, assess control design and operating effectiveness, and perform an initial draft analysis to determine whether exceptions constitute reportable findings.
• Collaborate with financial statement auditors to integrate IT findings into the overall audit approach and assess the reliance placed on IT-dependent controls.
• Prepare high-quality workpapers, audit programs, and risk-control matrices in line with firm methodology and professional standards.

Required Skills & Competencies

• Proven, hands-on experience testing ITGCs and application controls and not just theoretical understanding.
• ERP audit experience: SAP, Oracle, or Microsoft Dynamics etc.
• Solid working knowledge of control frameworks: COBIT, COSO, NIST, ISO 27001, and their practical application in audit contexts.
• Ability to interpret SOC reports (SOC 1 / SOC 2) and assess their relevance to a client's control environment.
• Ability to effectively manage and prioritize workload across multiple concurrent IT Audit engagements in a fast-paced, client-service environment while consistently meeting deadlines and maintaining high-quality deliverables.
• Strong organizational and time management skills, with the ability to adapt swiftly to changing engagement demands, thrive under seasonal busy period pressures, and independently drive assigned tasks forward while knowing when to escalate complex issues.
• Confident written and verbal communication; able to present draft findings to the senior in charge of engagement and/or Engagement Manager.

Expected Candidate Profile

• Recognized degree in Information Technology, Computer Science, Engineering, or Business/Accounting with a major in Information Systems
• 4–6 years of experience in IT audit, technology risk, or IT assurance
• Strong experience in IT controls testing, ERP/SAP audits, and data assurance
• Professional certifications such as CISA, CISM, CRISC are highly desirable
• Solid project management and client-facing skills
• Ability to work proactively & independently and manage multiple engagements at the same time
• Willingness to travel locally or regionally
• Ability to collaborate effectively within diverse project teams and interact respectfully with clients, fostering positive relationships and a supportive team environment.