IT Auditor

Job Description

Job Description

We are looking for an experienced IT Auditor to join our team in Tustin, California. In this role, you will assess and improve IT systems, processes, and controls to ensure compliance with regulatory standards and mitigate risks. Your expertise will help strengthen our organization's security posture and operational efficiency.

Responsibilities :

• Conduct comprehensive IT audits to evaluate the effectiveness of internal controls, security measures, and operational processes.
• Perform testing of IT controls within a publicly traded environment to ensure compliance with financial and regulatory requirements.
• Assess risks and identify vulnerabilities in IT systems, processes, and third-party vendor environments.
• Support the implementation and monitoring of Data Loss Prevention controls to address organizational security needs.
• Develop and update audit plans that align with regulatory changes and business priorities.
• Track and report remediation efforts from audit findings to ensure timely resolution.
• Ensure compliance with PCI DSS 4.0 requirements, including segmentation, iFrame, and P2PE scope reductions.
• Collaborate with cross-functional teams, including legal, finance, and business units, to maintain IT compliance frameworks and policies.
• Stay informed about regulatory changes and assess their impact on IT systems and operations.
• Drive process improvements by identifying automation opportunities and enhancing efficiency in compliance procedures.
• Bachelor’s degree in Information Systems, Computer Science, Accounting, or a related field (Master’s degree preferred).
• Certifications such as CISA, CISSP, CRISC, or similar are highly desirable.
• At least 7-10 years of experience in IT audit, compliance, or risk management roles.
• Strong knowledge of IT general controls, cybersecurity frameworks, and regulatory standards.
• Proven ability to support audits and compliance initiatives within large organizations.
• Excellent analytical, organizational, and problem-solving skills.
• Effective communication skills to engage diverse stakeholders, both technical and non-technical.
• Ability to manage multiple priorities in a dynamic, fast-paced environment.