IT Internal Auditor

As an IT Internal Auditor, you will work with an agile team in a fast-paced, high-technology environment on multiple audit engagements across the enterprise. Reporting to the Internal Audit Manager, you will partner with Technology Data & Insights (TDI), Security, Engineering, and other cross-functional stakeholders. We're looking for an individual with strong technology acumen, an understanding of technology audit and IT risk, and an eagerness to join a lean, high-impact team.

Okta is the foundation for secure connections between people and technology. By harnessing the power of the cloud, Okta allows people to access applications on any device at any time, while still enforcing strong security protections. It integrates directly with an organization's existing directories and identity systems. Because Okta runs on an integrated platform, organizations can implement the service quickly at large scale and low total cost. Thousands of customers, including Adobe, Allergan, Chiquita, LinkedIn, and Western Union, trust Okta to help their organizations work faster, boost revenue, and stay secure. To learn more about Okta, visit: https://www.okta.com.

• Participate in IT and cybersecurity risk assessments to identify key enterprise risks and define audit scope
• Design comprehensive, risk-based audit programs and testing procedures tailored to the technology environment
• Exercise professional judgment regarding project planning, risk prioritization, and objective setting for complex engagements

• Conduct process walkthroughs and execute fieldwork in strict alignment with department methodology
• Evaluate the design and operational effectiveness of key cybersecurity controls, IT General Controls (ITGCs) and IT Application Controls (ITACs)
• Prepare high-quality, detailed workpapers that clearly document testing results, evidence, and conclusions
• Leverage data analytics, AI tools, and emerging technologies to enhance audit efficiency, automate workpapers, and evaluate AI/ML controls and governance

• Identify control gaps, analyze root causes, and write clear, concise audit reports for management and stakeholders
• Discuss audit findings effectively and gain stakeholder agreement on appropriate, right-sized corrective actions
• Partner with TDI, Security, Engineering, and cross-functional teams to track and ensure the timely completion of agreed-upon remediation activities

• Provide risk-based consulting to assist management during business process improvements or new system implementations
• Provide guidance, training, and peer mentorship to other team members, fostering professional growth and knowledge transfer

• Bachelor's degree in Computer Science, Information Systems, STEM (Science, Technology, Engineering, and Math), or a related major
• 2+ years of experience in audit with a focus on technology and IT risk
• Strong understanding of IT general controls (ITGCs) and IT application controls (ITACs), including cybersecurity, Software Development Life Cycle (SDLC), access and change management, logging and monitoring, disaster recovery, and cloud computing
• Technical expertise in IT systems including infrastructure, cybersecurity, and familiarity with IT governance frameworks (e.g. NIST, CSF, and COBIT)
• Strong analytical and critical thinking skills, with proficiency in analyzing complex data and extracting meaningful insights
• Ability to identify root causes of complex issues and recommend appropriate, practical remediation and safeguards
• Strong written and verbal communication skills, including interviewing skills and the ability to effectively present audit findings with business partners
• Experience conducting a variety of audits, including financial, operational, and IT
• Familiarity with AI and data analytics tools (e.g., Claude, NotebookLM, Gemini, SQL, Python, Tableau, or Power BI) to support audit testing and continuous monitoring

• Big 4 public accounting or similar IT audit advisory experience
• Active certification or in process of achieving Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) [CISA strongly preferred]
• Experience auditing within cloud-based or Software-as-a-Service (SaaS) environments
• Awareness of AI governance, ethics, and emerging risks such as model bias, data privacy, and hallucination

• Solutions-oriented: Proactive willingness to roll up your sleeves and "get it done"
• Adaptable: Ability and desire to work hands-on in a rapidly evolving, fast-paced environment

• Supporting Your Well-Being 
• Driving Social Impact 
• Developing Talent and Fostering Connection + Community

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at https://www.okta.com/legal/personnel-policy/.