The Planet Group

IT Controls Auditor (Malvern)

The Planet Group, Malvern, Pennsylvania, United States, 19355

Job Title: IT Controls Auditor
Location: Malvern, PA (Hybrid, 3 days onsite: Tuesday-Thursday)
Duration: 9 Months

Overview

An experienced IT Controls Auditor is needed to support internal control design, testing, and compliance activities across multiple technology teams. This role is heavily focused on evidence-based control testing (not risk assessment) and requires strong technical auditing experience within enterprise or regulated environments. The ideal candidate is detail-oriented, analytical, inquisitive, and comfortable engaging with cross-functional technology stakeholders.

Key Responsibilities

- Perform end-to-end testing of technology controls to determine operational effectiveness.
- Support control design, implementation, and ongoing monitoring across IT teams.
- Document testing procedures, evidence, findings, and remediation recommendations with a high degree of accuracy.
- Partner with technology, security, compliance, and audit teams to align processes, risks, and controls.
- Assist with internal and external audit requests, including evidence gathering and follow-up on remediation efforts.
- Identify gaps in control execution and recommend improvements to strengthen governance.
- Facilitate meetings with auditors and control owners to ensure clarity and alignment.
- Contribute to training, documentation, and ongoing awareness efforts related to internal controls.
- Maintain strong working relationships across risk, compliance, internal audit, and engineering groups.
- Support standardized control documentation and reporting processes.

Required Qualifications

- 25 years of experience in IT Audit, Controls Testing, or Risk & Compliance in a technology-focused environment.
- Hands-on experience conducting internal technology audits and performing evidence-based testing of IT controls.
- Demonstrated understanding of control testing to determine whether a control is working effectively or ineffectively.
- Experience with internal controls in areas such as:
  - Access management
  - Data protection
  - Infrastructure or cloud governance
  - System change controls
- Familiarity with IT risk and control frameworks such as SOX, NIST, COSO, or ISO 27001.
- Strong documentation, organization, and follow-through skills.
- Ability to communicate clearly with both technical and non-technical stakeholders.
- Comfort working within structured, regulated enterprise environments.

Preferred Experience

Tools and technologies listed below are helpful but not required:

- Identity & Access: ACF2, SailPoint, CyberArk, Active Directory
- Cloud/Infrastructure: AWS, Azure, Elastic, Wiz
- Systems & Applications: Oracle, DB2, Control-M, BitLocker, GitHub, ServiceNow, Tanium, NetBackup
- Operating Systems: Windows environments

Additional desirable experience:

- Working directly with internal or external auditors
- Drafting remediation plans
- Validating evidence for compliance or SOX-related activities
- Exposure to large-scale enterprise technical environments

Ideal Candidate Attributes

- Highly detail-oriented with strong documentation capabilities
- Strong communication and collaboration skills
- Inquisitive, proactive, and comfortable independently researching issues
- Team-oriented and able to navigate complex stakeholder groups