Senior Auditor - IT Audit, SOX

Blend is a diverse team of problem solvers who believe that the world’s financial resources should be more accessible. Our cloud banking platform is used by Wells Fargo, U.S. Bank, and over 330 other financial services firms to acquire more customers, increase productivity, and deliver end-to-end digital experiences. Our software enables our customers to process an average of more than $5 billion in loans per day, making it possible for consumers to reach their financial goals faster and lead better lives. Come do work that matters.

As a Senior Auditor - Information Technology (IT) Audit & SOX, you will be primarily focused on SOX 404(b) IT audit testing for IT General Controls (ITGC), IT Application Controls (ITAC), Key Reports & Spreadsheets, and SOC1 Report Testing.  This role is responsible for IT audits in all areas of IT, including conducting fieldwork (executing, documenting and interpreting testing), and preparing draft audit findings. The IT Audit team works closely with the Business Process audit team; the entire IA team will utilize data analytics, visualizations (e.g., Tableau) and automation technologies (Generative AI, etc.).

The ideal candidate is an ex-Big 4, highly motivated self-starter with prior experience in SOX IT Internal Audits, Enterprise Risk Management, and SOX in the Fintech or Software industry who has superior written and oral communication skills, takes pride in the accuracy and timeliness of their work and is used to working as part of a remote team and collaborating with business partners based in the US, Mexico City, and India.

How you'll contribute:

• Assist with project management of SOX 404 ITGC testing, annual IA IT audit plan and Enterprise Risk Assessment, based on defined timelines and budgets.
• Contribute to the identification and assessment of IT risks.
• Perform interviews with stakeholders, take accurate notes.
• Schedule meetings, request documents from business partners.
• Obtain, analyze and evaluate existing documentation, previous reports, data, flowcharts.
• Document processes in concise narratives, as applicable.
• Develop process flowcharts and data flow diagrams.
• Evaluate compliance with policies and procedures.
• Perform work within the budget and manage tasks accurately based on timeline.
• Perform Test of Design (TOD) and Test of Effectiveness (TOE) based on pre-existing audit program, re-test remediated controls to determine if the control gap was successfully remediated .
• Perform and incorporate data analysis and visualizations in audit planning, workpaper support, final reports.
• Prepare clear, concise, accurate, logical, and detailed workpapers for work performed and conclusions reached; document these according to professional practice standards.
• Assist in planning and conducting IT internal audit projects in accordance with the Institute of Internal Auditors (IIA) professional practice standards.
• Identify and research issues with supported analysis and propose solutions.
• Explain complex, technical and/or sensitive information in a straightforward manner.
• Provide meaningful recommendations to improve policies/ procedures/ systems/ processes and address root causes of ineffective or inefficient controls.
• Work with business partners to address control gaps and monitor action plans.
• Maintain knowledge of the business of Blend Platform, including the underlying technologies.

Qualifications:

• Bachelor's Degree in a business or technology discipline.
• Big 4 (Deloitte, EY, KPMG, PwC) Advisory or Assurance background.
• Strong understanding of Software as a Service (SAAS)/Platform as a Service (PAAS).
• Strong critical thinking, analytical and investigative skills.
• Strong project and time management skills.
• Ability to think independently, take ownership, and drive initiatives to resolution.
• Ability to provide meaningful recommendations to improve policies, procedures, systems, processes; as well as to address root causes of ineffective/inefficient controls.
• Ability to explain complex and/or sensitive information in a straightforward manner.
• Proactive and self-initiating work style.
• Integrity, openness, and transparency.
• Intellectual curiosity.
• Critical thinker, ability to identify root cause of issues.

Required Skills:

• Minimum of 8 years experience in IT audit (a plus: Data Analytics experience).
• Prior experience incorporating data analysis / data analytics (including the use of SQL-based tools) & AI tools and techniques in audit planning, testing, workpaper support and final reports.
• Prior experience determining root causes for control deficiencies.
• Prior experience working with IPE (Information Provided by Entity) and testing the completeness and accuracy of key reports and spreadsheets.
• Prior experience assisting control owners in completing SOC (Service Organization Control) Report reviews for SOC1, including controls mapping and mapping of Complementary End User Computing Controls.
• Experience with auditing cloud-based, open-source systems & tools.
• Experience with auditing Agile IT.
• Experience with SOC, ISO, PCI frameworks.
• Excellent written English communication skills: clear, concise, professional.

Certification(s)

• Required:
• Certified Information Systems Auditor (CISA)