Senior Internal Auditor – IT

As passionate about our people as we are about our mission.

What We’re All About:

Q2 is proud of delivering our mobile banking platform and technology solutions, globally, to more than 22 million end users across our 1,300 financial institutions and fintech clients.  At Q2, our mission is simple: Build strong, diverse communities by strengthening their financial institutions. We accomplish that by investing in the communities where both our customers and employees serve and live.

What Makes Q2 Special?

This position is an individual contributor within the Internal Audit Team responsible for leading and executing high-impact, risk-based IT audit engagements aligned with regulatory frameworks (e.g., SOX, FFIEC, NIST) and organizational priorities. The ideal candidate will have experience auditing complex IT environments and a deep understanding of cybersecurity, IT governance, and technology risk.

This role contributes to the annual IT audit plan by assessing risk, planning and scoping audits, and delivering assurance and advisory services across areas including financial reporting, cloud computing, data protection, third-party risk, and IT operations. The Senior IT Internal Auditor will collaborate with stakeholders across Accounting, Technology, Information Security, Risk, and Compliance to drive risk mitigation and control improvement efforts.

Roles & Responsibilities:

• Execute SOX IT and information systems testing program, including conducting walkthroughs, analyzing audit evidence, executing controls testing, identifying and defining issues, and documenting business processes and procedures.

• Support the creation of status reports and planning materials assist with overall and collaborate closely with internal and external stakeholders for the IT Program. Perform the end-to-end planning, execution, and reporting with the IT Internal Audit Manager of risk-based IT audit engagements across domains such as:

  • Information Security Program

  • Network & System Security

  • Business Continuity and Disaster Recovery (BC/DR)

  • Change Management and Software Development Lifecycle (SDLC)

  • Third-Party Risk Management (TPRM)

  • Identity & Access Management (I&AM)

  • IT Operations and Asset Management

  • Privacy and Data Protection

  • Cloud and Outsourced Services

•  Evaluate  IT risks, control maturity, and alignment with regulatory expectations.

• Provide risk advisory and control consultation to IT and business leadership on strategic technology initiatives, regulatory obligations, and emerging threats.

• Collaborate closely with cross-functional stakeholders, including Accounting, Information Security, Compliance, Legal, and Engineering teams, to understand business processes and evaluate control effectiveness.

• Develop and deliver clear, concise, risk-focused audit reports dealing with complex and sensitive issues, including findings, root cause analysis, and actionable, in a timely manner for internal and external audiences..

• Complete assigned responsibilities following audit standards.

• Partner with internal and external audit teams to ensure a timely and efficient testing approach and issue resolution.

• Monitor and validate the implementation of management action plans and ensure sustainable remediation of control issues.

• Support new system implementations and ensure compliance with existing policies 

• Conduct risk assessments, including the identification of controls and testing attributes.

• Contribute to the development and evolution of the IT audit program, including risk assessment methodology, audit universe updates, and use of data analytics.

• Act as a key liaison to internal and external auditors, examiners, and other assurance functions to ensure coordinated risk coverage and alignment.

• Take initiative and suggest alternatives for process improvements.

• Duties may change and Team Members may be required to perform other duties as assigned.

Minimum Experience and Knowledge:

• Bachelor’s degree in Information Technology, Accounting, Finance, or a related field

• Five or more years of experience in IT audit, internal audit, cybersecurity, financial services, or a related business function

• Thorough understanding of internal controls, IT risk, and regulatory requirements including SOX, FFIEC, and financial compliance frameworks

• Strong knowledge of internal audit methodologies, including experience leading audit projects in accordance with the Institute of Internal Auditors (IIA) Global Standards

• Demonstrated ability to independently plan, execute, and manage complex audit engagements with minimal supervision

• Proven ability to communicate complex concepts clearly across both technical and non-technical stakeholders

• Experience operating as a subject matter expert in key areas such as IT General Controls (ITGCs), IT Application Controls, agile software development practices, NIST frameworks, and/or GAAP

• Strong project management skills with the ability to manage multiple priorities simultaneously while maintaining attention to detail and accuracy

• Advanced proficiency in Microsoft Excel, Word, Outlook, and data analysis tools used for issue identification and trend monitoring

• Highly self-motivated, results-driven, and committed to delivering high-quality work in a dynamic environment

• Excellent time management and organizational skills, with the ability to support multiple projects, work both independently and collaboratively within the team and effectively prioritize and manage a large volume of work

• Superior interpersonal, written, and verbal communication skills, with the ability to create thorough documentation and interface effectively with individuals at various levels

• Ability to remain organized, pay strict attention to detail, and meet critical deadlines within a high volume, fast-paced environment

• Analytical with strong problem-solving abilities and creative resolution skills

• Demonstrated discretion and trustworthiness when working with confidential financial, operational, or employee data

• Holds an active CIA, CISA, or CPA designation or evidenced plans to pursue.

Preferred Experience and Knowledge

• Overall 5+ years of experience with at least 3 years of direct experience in IT Audit for a SaaS company or equivalent IT audit experience at a top-tier firm (Big 4, RSM, Protiviti, etc.)

• 2+ years of experience leading end-to-end engagements and/or leadership experience within the information technology or security fields

• Demonstrated knowledge of internal controls, business risks and audit techniques in a large SaaS organization

• Demonstrated knowledge of SOC1 and SOC2 requirements

• Knowledge of data analytics tools such as ACL, Power BI, or Tableau

• Experience with AuditBoard or other audit engagement support tools

• Maintains other designations including Certified Management Accountant (CMA), Certified Fraud Examiner (CFE), Certified Information Security Systems Professional (CISSP), Certified Financial Services Auditor (CFSA), or other relevant business designation.

#LI-RR

This position requires fluent written and oral communication in English.

Health & Wellness

• Hybrid Work Opportunities

• Flexible Time Off 

• Career Development & Mentoring Programs 

• Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents 

• Community Volunteering & Company Philanthropy Programs 

• Employee Peer Recognition Programs – “You Earned it”

Click here to find out more about the benefits we offer.

How We Give Back to the Community:

You can learn more about our Q2 Spark Program, Q2 Philanthropy fund, and our employee volunteering programs on our Q2 Community page. Q2 supports dozens of wide-reaching organizations, such as the African American Leadership Institute, and The Trevor Project, promoting diversity and success in leadership and technology. Other deserving beneficiaries include Resource Center helping LGBTQ communities, JDRF, and Homes for our Troops, a group helping veterans rebuild their lives with specially adapted homes.

At Q2, our goal is to be a diverse and inclusive workforce that fosters mutual respect for our employees and the communities we serve. Q2 is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.