Senior IT Auditor

Summary

Join Mercury's Internal Audit function as a Senior IT Auditor to support the execution of our audit plan. You will perform hands-on IT and security audits, assess technology risks and controls, and collaborate cross-functionally to improve Mercury’s control environment. This role involves identifying and analyzing IT, cybersecurity, and data security risks, scoping and planning audits, conducting process walkthroughs and testing, assessing compliance, documenting and reporting audit issues, and collaborating on action plans and remediation. You will work with both internal teams and external partners. The ideal candidate possesses experience in scoping and planning complex audits, conducting walkthroughs and testing, working with financial services companies, and familiarity with IT control frameworks and cloud environments. Excellent communication and time management skills are essential.

Requirements

• Have experience scoping and planning new, complex audits
• Be comfortable conducting walkthroughs, creating audit test plans, and executing internal controls testing
• Have experience working with financial services companies, and have a working knowledge of laws, regulations and risk management standards for financial services
• Familiarity with IT control frameworks (e.g., NIST, ISO 27001, COBIT)
• Have exposure to cloud environments (e.g., AWS) and related security controls
• Experience with security and threat assessments
• Have the ability to quickly grasp and understand complex business processes
• Be able to build relationships/partnerships and work cross-functionally to drive time-sensitive deliverables, issues tracking, and reporting
• Have excellent written and verbal communication skills
• Be able to manage their own schedule to ensure deadlines are met
• Be a self-starter, someone who likes to innovate and think about how we can do things differently to be more efficient and effective

Responsibilities

• Assist in identifying, analyzing, and assessing risk, specifically IT, cybersecurity, and data security related, throughout Mercury
• Scope and plan multiple audits across Mercury products and operations
• Conduct process walkthroughs and execute audit testing to confirm the design and operational effectiveness of internal controls
• Assess compliance with Mercury’s compliance obligations
• Socialize, document, and report audit issues identified
• Collaborate with teams to develop appropriate action plans, track audit issue remediation, and conduct issue follow up testing
• Other duties as assigned

Benefits

• Base salary
• Equity (stock options)