IT AUDIT MANAGER SKILLS, EXPERIENCE, AND JOB REQUIREMENTS

Reviewed by Lam Nguyen under Editorial Standards

Updated: Mar 19, 2026. The Information Technology (IT) Audit Manager has extensive experience in IT governance, cybersecurity, risk management, and internal auditing, with knowledge of frameworks like NIST, ISO 27001, and COBIT. This role requires strong analytical, leadership, and communication skills, along with the ability to evaluate internal controls and manage audit processes. The manager also possesses relevant certifications (e.g., CISA, CISSP, CIA) and the capability to collaborate, lead teams, and deliver risk-based audit solutions.

Essential Hard and Soft Skills for a Standout IT Audit Manager Resume

IT Audit
SOX Compliance
Risk Assessment
Internal Controls
Control Testing
Audit Planning
Audit Reporting
IT Governance
Data Analytics
Cybersecurity Audit

Leadership
Stakeholder Communication
Team Management
Problem Solving
Critical Thinking
Decision Making
Relationship Building
Time Management
Adaptability
Mentoring

Summary of IT Audit Manager Knowledge and Qualifications on Resume

1. BS in Information Technology with 6 years of Experience

Strong and confident working professional.
Comfortable in dealing with conflict and/or difficult situations, but is also able to build effective relationships with key stakeholders.
Experience in the external or internal IT auditing field (preferably with a Big 4).
Strong understanding of IT risk and controls within a complex environment.
Excellent attention to detail and Good written and oral communication skills.
Ability to effectively communicate with relevant stakeholders and to present key information to a senior audience.
Good understanding of the practical requirements of the Sarbanes-Oxley Act and the application of Internal Controls.
Able to adopt a flexible approach, multitask and deliver to deadlines.
Able to collaborative team player, who is also able to work effectively autonomously team player but also able to work autonomously.

2. BA in Management Information Systems with 8 years of Experience

Experience in IT Auditing, Finance, or Accounting, with audit management and/or supervisory experience.
Must have Big Four public accounting experience.
Must have CISA, CPA, or CIA certification.
Ability to communicate effectively in a positive/upbeat fashion, utilizing English, both in oral and written form, and further language skills.
Ability to manage audit staff and/or co-sourcing partners for co-sourcing audits.
Ability to manage projects independently, review audit files and provide appropriate feedback to auditors.
Able to exhibit outstanding leadership, prioritization, and strong time management skills.
Proficient in Word and Excel, Data analytics (e.g., Alteryx, Power BI).

3. BS in Computer Science with 9 years of Experience

Experience assessing complex system architecture, software development, IT Operations and Compliance, Information Security, and/or Technical Program Management.
Strong risk management experience, including performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk.
Ability to debug complex problems across multiple layers of software and hardware.
Technical knowledge of at least two of application security, system security, network security, authentication/authorization protocols, or cryptography.
Hands-on experience in at least one of the above.
Experience building and architecting on Cloud-based Platforms.
Big 4 accounting or consulting firm experience with a technical or information security background.
Must have relevant certifications (CISA, CISSP, CISM, CFE).
Experience writing data queries or scripts, implementing technical solutions, or other related skills learned from IT-related jobs.
Excellent written and verbal communication skills.
Able to prepare reports and make presentations to senior-level management.
Able to interact with various levels of employees to collect and communicate information.
Experience with multiple compliance standards, such as PCI DSS, SOC 1/2/3, ISO 27001/27017/27018, FedRAMP, COBIT, and/or ITIL.

4. BA in Accounting with 7 years of Experience

Experience with IT auditing, risk management, Information Security, IT program or project management, technology, engineering and/or software development.
Strong written and spoken English language skills.
Ability to motivate, influence, and manage diverse teams.
Strong risk management experience, including performing assessments and audits, designing controls, managing enterprise control frameworks, and prioritizing risk.
Willingness to dive deep into own audits, combined with experience collaborating on a team.
Excellent written and verbal communication skills.
Experience in preparing reports and making presentations to senior-level management.
Experience interacting with various levels of employees to collect and communicate information, and influence decisions.

5. BS in Cybersecurity with 5 years of Experience

Able to be a fast learner who can quickly absorb the nuances and behaviors of Amazon's systems architecture.
Strong analytical skills and proven history of analyzing data and situations to identify meaningful observations.
Able to work in a results-oriented, high-energy, self-motivated environment.
Experience with AWS products and services.
Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits.
Experience with data, hardware security, system and network security, authentication and security protocols, cryptography, and application security.
Knowledge of threat modeling or other risk identification techniques.
Knowledge of system security vulnerabilities and remediation techniques.
Familiarity with attack patterns and exploitation techniques.

6. BA in Business Administration with 7 years of Experience

Experience in banking-related enterprise business applications, IT audits, IT risk assessments and risk management, and/or relevant internal audit work.
Professional designation (e.g., CISA, CISSP, CIA, CPA, PMP, PMI).
Knowledge of the banking-related regulatory environments.
Demonstrated time management and organizational skills, as well as flexibility to adapt to changing priorities.
Confident presentation skills and proven capability to facilitate working with auditees and senior management at all levels.
Ability to analyze and form an opinion on risks and controls relating to IT systems and link them to associated business impacts.
Working knowledge and experience with Unix/Windows operating systems and Oracle/SQL Database security configuration.
Working knowledge and/or first-hand experience with emerging technologies (e.g., Cloud, Blockchain, Agile Development, APIs, Big Data).
Must have relevant certifications (CISA, CISSP, CISM, CFE).
Experience with process assessment and improvement (e.g., Kaizen, Six Sigma).
Big 4 accounting or consulting firm experience.

7. BS in Data Analytics with 9years of Experience

Must have internal/external auditing experience.
Able to manage direct reports.
Experience assessing cybersecurity/information security functions.
Strong understanding of internal audit principles, methodologies, and language.
Broad understanding of Enterprise IT, including Networking, Infrastructure, SDLC, and Cloud.
Broad understanding of information security functions and tools, including SIEM, DLP, Kali, WSDL, and Nmap.
Able to pay attention to detail.
Ability to elicit key information during walkthroughs.
Understanding the context of overall risk.
Relevant certifications or achievements.
Must have data analytics skills.
Able to engage in community engagement.
Must have automation experience.
Must have programming experience (Python, SQL, Bash, PowerShell, Netscape, Swift).

8. BA in Economics with 6 years of Experience

Experience in IT or Operations internal auditing, Sox ITGC, risk management, IT compliance, IT project management, information security, software development, or technology (either in implementation, operation, or assessment role).
Professional certification (IIA, CISA, CISM, or equivalent).
Experience in IT auditing, information technology, and security.
Strong ability to work collaboratively and cooperatively with all employees, irrespective of their status in the organization.
Ability to work on different projects simultaneously.
Ability to translate technology topics and into "business speak" to be understood by a wide range of both technology and business stakeholders.
Ability to motivate, influence, and manage diverse teams.
Experience a fast-paced environment that is ever-changing.
Fluent in English (written and spoken), German.
Able to familiarize with COSO, COBIT, ISO and ITIL frameworks.

9. BS in Computer Engineering with 8 years of Experience

Experience focused on information systems audit or an equivalent breadth of experience in information security, systems, and network technology, including managerial experience.
Experience with auditing application controls.
Experience as an external auditor.
Strong interpersonal skills to build/maintain ongoing business relationships.
Must have experience with SAP.
Able to exercise professional judgment within defined procedures.
Able to apply concepts of materiality to testing and evaluation of results.
Able to independently evaluate the effectiveness of controls to prevent errors in financial reporting.
Able to perform all job responsibilities with integrity.

10. BA in Finance with 7 years of Experience

Effective communication skills with personnel from any grade level.
Thorough knowledge of auditing policies, practices, and systems.
Thorough knowledge of Sarbanes-Oxley legislation and PCAOB Standard #2201.
Thorough knowledge of general computer controls related to operations, information security and change management of systems software, application source code, network, and system database technologies.
Intermediate knowledge of automated and manual application controls.
Understanding of the SSAE 18/ISAE 3402 auditing standard.
Understanding of process improvement and best practices.
Understanding of data analysis tools and concepts.
Must have CPA, CIA, CISA, or Six Sigma certification.

11. BS in Computer Science with 6 years of Experience

Must have CISA, CISSP, CISM, or other relevant certification.
Must have internal and/or external IT audit experience.
Mix of operational and IT audit experience.
Business risk awareness and appropriate judgment to use a risk-based approach while executing the audits.
Ability to communicate complex and potentially sensitive issues to various levels of management, both within ACA’s IT functions and outside to key non-technical business personnel.
Able to conform to shifting priorities, demands and timelines through analytical and problem-solving capabilities.
Must possess excellent communication skills (written and oral).
Excellent presentation, relationship building and interaction skills.
Must possess strong computer skills (MS Word, Excel, Access, and PowerPoint).
Must be able to think analytically, independently and objectively.
Ability to work with all levels of staff and management (including C-level executives).

12. BA in Accounting with 7 years of Experience

Experience in leading IT Audits.
Able to review work papers.
Able to write reports, documenting issues.
Must have technical exposure.
Able to test IT General Controls.
Knowledge frameworks, COBIT, NIST, 800-53 (InfoSec Framework), ITIL.
Must have IT Risks, IT Controls experience.
Must have Big4 Consulting/Big Companies exposure.

13. BA in Business Administration with 6 years of Experience

Relevant experience to include experience in conducting IT SOX audit work and system reviews, and internal audit and/or public accounting.
Must have proven organizational skills.
Strong project and time management skills.
Sound decision-making and problem-solving skills.
Must have leadership ability.
Proven written and verbal communication skills.
Ability to make effective verbal presentations.
Must have strong analytical skills.
Ability to provide written documentation to support the audit procedures performed.
Knowledge of SDLC, SOX 404 Compliance, IIA and/or ISACA standards.
Must have experience with PeopleSoft.
Proficient in Microsoft Excel, Word, and PowerPoint.
Must have CPA, CISA, and/or CISSP certification.

14. BS in Information Systems with 7 years of Experience

Relevant IT work experience, preferably within the financial services industry.
Internal and/or external IT auditing experience, preferably with a Big 4 Accounting Firm.
Self-motivated with the ability to assess and determine risk, reason logically, analyze and evaluate data and information, and draw appropriate conclusions.
Demonstrated ability to think critically, challenge existing controls and documentation, provide suggestions on new ways to approach tasks, proactively manage assigned tasks, handle multiple tasks concurrently and adhere to tight deadlines.
Excellent presentation, communication and writing skills.
Demonstrated ability to present analysis and findings in a cohesive, understandable, and actionable format to all levels of management.
Strong Knowledge of internal controls and SOX requirements, Sarbanes-Oxley Act of 2002, PCAOB standards, COSO and COBIT frameworks.
Demonstrated project management experience.
Ability to apply auditing protocols, lead groups of people and effect change in a matrix organization by influencing stakeholders.
Certified Information Systems Auditor (CISA) certification will consider other certifications (e.g., Certified Public Accountant/CPA, Certified Internal Auditor/CIA, Certified Information Systems Security Professional/CISSP, etc.).
Must have cybersecurity experience.
Knowledge of the COBIT and/or COSO frameworks.

15. BS in Cybersecurity with 8 years of Experience

Must have audit experience.
Must have IT audit management experience.
Demonstrated communication skills, both verbal and written.
Established MS Excel and MS PowerPoint skills.
Ability to work under pressure in a fast-paced environment.
Proven track record regarding ability to build positive working relationships.
Effective project management skills.
Must be able to manage multiple engagements concurrently.
Experience in data analytics.
Enthusiastic, self-motivated, strong interest in learning, effective under pressure.
Must be flexible and effective as business conditions change.
Must have Big-4 Audit Firm experience.

16. BA in Management Information Systems with 7 years of Experience

Work experience in technology or financial auditing.
Must have CIA or CISA certification.
Understanding and knowledge of DCI applications, financial data processing.
Understanding of reading various reports pulled from programming languages.
Advanced knowledge and understanding of conducting audits.
Advanced knowledge of computer use, including accounting and financial management application packages, word processing, and spreadsheet applications.
Proficiency in composing business letters, mailings, creating and maintaining spreadsheets.
Excellent leadership skills and conduct of interpersonal relations.
Effective planning, coordination, time management, and organization skills.
Effective and appropriate verbal, face-to-face and written communication skills.
Advanced PC operation skills, word-processing, and spreadsheet software proficiency, Microsoft Excel, Word, and Microsoft Office applications.

17. BA in Finance with 9 years of Experience

Professional IT auditing qualification, such as CISA or equivalent designation.
Preferably with broad IT Audit experience in internationally recognized accounting firms or in-house roles.
Good knowledge of airline operations and related regulatory requirements.
Strong technical knowledge of risk and control in various IT domains such as IT infrastructure, Agile software development, as well as other key areas including Digital transformation, Project management, Information security and Data management.
Good understanding of emerging technologies and associated risks (including Cloud, Cybersecurity, DevOps and AI).
Hands-on experience in any of the data analytics and business intelligence tools such as Power BI, QlikView, Alteryx, Python and O365, etc.
Strong analytical skills and the ability to work independently and in a matrix and remote environment.
Strong interpersonal, communication and presentation skills, including managerial courage, dealing with ambiguity.
Able to team player who is self-initiated, independent and able to meet tight schedules.
Ability to create and maintain good working relationships with teammates and all levels of staff members from various business units.
Must have CISM, CISSP, CPA and/or CIA.
Fluent in writing and speaking in English and Chinese.
Must have Insurance, Financial Services, or Banking experience.

18. BS in Computer Engineering with 8 years of Experience

Experience working in internal or external audit, or in compliance roles, and experience with US GAAP and SOX.
Experience designing and implementing financial and IT controls, and/or reviewing financial and IT processes and controls, in the context of SOX 404/NI 52-109 assessments.
Curiosity and passion to constantly learn new things across a broad range of products and technologies.
Ability to manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-oriented environment, overseeing the process and delivering on commitments.
Exhibit analytical and critical reasoning skills with a passion for problem-solving, strong attention to detail, and excellent communication skills.
Proven team leadership, management skills and technical depth allow for to development and mentoring of others and building credibility with the team, while executing broader Internal Audit strategies.
Professional certification related to IT audit (e.g., CPA, CISA, CRISC, CISSP, etc.), or currently working towards one.
Experience in high-growth, global technology companies, or in a company leveraging a significant amount of technology.
Experience with data visualization tools (e.g., Alteryx, Tableau, Power BI) and common programming languages (e.g., Python, Ruby, SQL).
Experience working with cloud technologies and DevSecOps tools, including the Google Cloud Platform (i.e., Compute Engine, Google Kubernetes Engine, Container Registry, Identity and Access Management).

19. BS in Data Science with 7 years of Experience

Recognized professional certifications, CISA or CISSP.
Relevant IT audit and SOX experience, technology industry experience.
Strong understanding of IT auditing standards and techniques, financial and operational risks and controls, SOX and COSO framework.
Experience designing and implementing risk assessments and internal controls.
Adept at assessing complex IT and business processes environments to identify potential IT, financial, operational, and compliance risks.
Must have the highest level of integrity and ethics.
Ability to prioritize activities while working on multiple projects to achieve target deadlines.
Strong communication and interpersonal skills.

20. BA in Economics with 6 years of Experience

Must have an Active CPA designation OR CISA Certification.
IT audit experience, preferably in another professional services firm.
Diverse skillset in internal controls, auditing and information technology.
Proficient in Microsoft Office suite applications.
Strong analytical, written and verbal communication and interpersonal skills.
Ability to interact in a team environment, as well as work independently.
Strong project management skills.
Aptitude for learning emerging technologies used by clients.
Must have CISSP, CISA certifications.
Experience in networking, security, and administration in an Active Directory environment (preferably a large environment).
Able to familiarize with ISACA and AICPA audit standards, and know how to apply audit theory, procedures and techniques.
Must have security framework experience.

21. BA in Accounting with 7 years of Experience

Technical IT audit experience (e.g., infrastructure controls, cybersecurity controls, application controls, or IT general controls).
Experience with Cloud controls (especially AWS).
Strong communication skills (oral and written) to be able to clearly articulate control issues to all levels of management.
Must have well-developed interpersonal skills to build relationships both internally and externally, including the ability to thrive within a team-oriented environment.
Experience auditing operating systems and database technologies, as well as key ITIL processes.
Must have a certified professional designation (e.g., CISA, CRISC, CISSP, CIA).
Good at cultivating relationships with clients and within the Internal Audit Group and building trust that facilitates an open mindset and free exchange of information.
Able to function independently and multitask in a dynamic, changing environment.
Strong project management skills.
Strong leadership among the team and peers.

22. BS in Information Technology with 6 years of Experience

Experience in internal, external audit, consultancy, project management, or equivalent.
Experience in insurance, fin. services industry and/or in Finance, IT, Risk Management/Actuarial.
Good understanding of IT, Systems and Data analytics.
Must have audit-related certification (CIA, CFA, CISA, or a country-specific certification).
Project management experience, from individual task management to the ability to manage large, complex projects.
Strong intellectual and analytical skills and a very good understanding of processes, structures, and the regulatory environment.
Excellent communication skills, as well as the talent to empathize with the auditee’s perspective and the ability to listen.
Able to demonstrate team spirit, self-motivation, as well as ability to interact in a global work environment with people from different countries and cultures.
Proven command of the English language (verbal and written) and fluency in at least one additional language.

23. BS in Computer Science with 7 years of Experience

Strong understanding of GAAP, SOX, COSO, IT audit concepts, and leading internal audit practices.
Working knowledge of business cycles and understanding of associated key risks and controls.
Must have relationship-building and influencing skills to foster effective working relations across the teams, including functional and divisional leaders.
Demonstrated track record of leading projects, developing audit programs, and implementing proposals.
Willingness to take ownership and dedicate the time and/or resources needed to complete departmental and company-wide initiatives.
Demonstrated a confident and well-developed communication style that establishes credibility and facilitates a clear understanding of audit issues.
Strong ability to learn on the fly to understand and solve complex problems with a collaborative and optimistic attitude.
Proven capability in conducting and managing quantitative analysis with the highest level of attention to detail.
Professional business experience, including public accounting, internal audit, IT audit, or other relevant areas.

24. BA in Business Administration with 6 years of Experience

Internal and/or external IT audit experience.
Must have CISA, CIA, CISSP, and CISM certifications.
Must have general IT knowledge.
Broad understanding of IT and business processes, IT general controls, cybersecurity, and emerging technologies.
Able to familiarize with COBIT, ITIL, FFIEC IT Booklets, NIST 800 and ISO 27000.
Experience with data analytics.
Experience with TeamMate+ and ACL.
Ability to write effectively in English using correct spelling and grammar.
Ability to speak clearly, tactfully, and effectively in English.
Basic math skills, including the ability to compute rates, ratios, and percentages using a 10-key.
Proficient in the use of basic applications in a Windows-based environment, including Outlook, Word and Excel.

25. BS in Cybersecurity with 4 years of Experience

Able to clear written and verbal communications.
Ability to work with colleagues across cultures and countries.
Strong foundation in audit concepts and techniques.
Demonstrated knowledge or interest in risk management leading practices.
Able to ensure regulatory compliance (Insider Trading, Privacy).
Able to implement enterprise risk management (Financial and Operational Risk).
Able to enforce sanctions and anti-money laundering.
Able to fight corruption.
Able to design and use data analytics.
Able to manage multiple audits that are completed within quality, time and budget.
Able to train and mentor junior associates.

26. BA in Management Information Systems with 6 years of Experience

Experience as an IT Internal Auditor or in a similar role, in Multinational Manufacturing/Consumer Business Companies (experience in Fast-moving Consumer Goods industry).
Understanding of systems infrastructure (networks, hardware, operating systems, databases, and applications).
Experience in process analysis and control assessment to identify weaknesses and improvement areas.
Knowledge of IT standards and key regulations impacting IT, such as COBIT, ISO 270001, or ITIL.
Knowledge of SAP, MS Office, as well as knowledge of ACL.
Professional certifications (e.g., CISA/CIA or equivalent).
Strong analytical skills and close attention to detail, including the ability to analyze data, systems and procedures.
Highly developed project management, organization, prioritization and time management skills.
Solid ability in negotiating and influencing stakeholders.
Able to show resilience in dealing with discussions on audit findings.
Excellent written and verbal communication skills.
Must be fluent in English.

27. BS in Data Analytics with 9 years of Experience

IT audit/cybersecurity experience, with a CISA, CISSP, or other related certification.
Experience managing teams and projects, leading senior-level meetings, and auditing cloud-based platforms.
Prior experience in a public accounting firm or a private industry internal audit department, including leading assessments of IT processes and systems for Sarbanes-Oxley compliance.
Ability to identify/assess business and IT risks, design and complete appropriate audit programs, and deliver audit reports independently.
Strong understanding and skilled in virtual systems and AWS cloud services and environments, along with microservices architecture and coding using agile/scrum development techniques.
Deep knowledge and hands-on experience with SAP systems, focused on S/4, GRC, BW and HANA databases in cloud deployments.
Skill in IT security and general controls reviews of complex architectures, across the many IT layers (Networking/OS/Middleware/DB/App) and with broad knowledge and practice in various technologies.
Strong leader with the ability to learn new technology concepts quickly, exhibit sound professional judgment and willingness to challenge the status quo.
Ability to work, take ownership, and succeed in a constantly evolving environment.
Ability to assess complex situations, develop effective comprehensive solutions and manage issues to resolution.
Ability to effectively communicate with various levels of management from the organization and external auditors and partners.
Highly motivated (seeks out opportunities), fastidious (represented in quality of work) and analytical (focuses on the data).
Must be an excellent teammate and demonstrate the ability to multitask and quickly adapt to re-prioritization of tasks.
Experience and knowledge of industry compliance standards, practices, and control frameworks, such as PCI DSS, ISO 27000 series, NIST 800 series, CIS CSC, SSAE/SOC, DevOps, CSA CMM, COSO, ITIL and/or COBIT.

28. BA in Economics with 8 years of Experience

IT Applications Audit experience.
Must have a CISA designation.
Strong written and verbal communication skills.
Confident presentation and facilitation skills and strong interpersonal and influence skills to work effectively with clients and senior management at all levels.
Excellent time management skills and a proven ability to meet deadlines.
Must have people management experience.
Knowledge of the Bank's business and systems environments.
Knowledge of emerging technologies such as Artificial Intelligence, Machine Learning, and Cloud Security.

29. BA in Finance with 7 years of Experience

Internal or external auditing, with experience in IT audit at public companies or Big 4.
Understanding of the general computer control areas and COBIT, SOX, and COSO.
Experience evaluating security and controls for on-premise, homegrown, and SaaS systems.
Experience communicating audit results and findings to executives.
Must have certifications in at least one of the following: CISA, CISSP, CISM.
Experience using spreadsheet and flowcharting tools.
FinTech or financial services experience.
Experience managing/implementing audit and compliance management tools (e.g., Workiva, AuditBoard).

30. BS in Computer Engineering with 6 years of Experience

Must have CISA certification.
Experience in corporate audit and information technology, with management/supervisory experience.
Demonstrated history of accomplishments.
Strong organizational, leadership and teamwork skills.
Ability to develop exceptionally talented individuals.
Ability to provide sound business judgment and strategic thinking to enable DISH Network to create and sustain a world-class internal control and risk assurance environment.
Ability to inspire a strong spirit of cooperation among the management team and internal audit staff, in which a philosophy of continuous process improvement and disciplined process execution is embraced.
Strong proficiency in internal auditing principles and best practices, with specific knowledge of COSO and COBIT frameworks, and other generally accepted auditing standards.
Knowledge of Sarbanes-Oxley requirements, particularly Section 404.
Exceptional verbal and written communication skills.
Strong analytical abilities, capability to maintain composure under pressure.
Able to detail-oriented and employs a proactive approach to problem solving.

31. BS in Information Technology with 9 years of Experience

Ability to obtain and maintain certain job-related certifications if no job-related advanced degrees.
Understanding of IT Assurance practices.
Understanding of Government Audit standards.
Understanding of Attestation Services.
Understanding and managing firm risk on IT audits and proposals.
Able to coach and mentor junior staff members (managers and senior managers).
Ability to sit in an office environment for long periods of time.
Ability to obtain and maintain a security clearance.
Ability to communicate clearly in writing and verbally.
Ability to obtain and maintain firm independence and abide by firm ethics requirements.

32. BA in Economics with 6 years of Experience

Must have CISA certification.
IT Audit experience on International Standards on Auditing (ISAs) based engagements.
Solid relevant experience within a Big 4 Audit firm in IT Audit.
Experience in managing IT Audit engagements.
Experience in coaching staff.
Able to work meticulously, quality-focused focused and yet an efficient driver towards achieving goals and deadlines.
Must have a highly organized.
Possess strong English communication skills.

33. BS in Computer Engineering with 8 years of Experience

Must have a Certified Information Systems Auditor (CISA).
Must have a Certified Information Systems Security Professional (CISSP).
Must have a Certified Cloud Security Professional (CCSP).
Must have Cisco Certified Network Professional (CCNP) Security, or equivalent.
IT Audit experience in Cloud and Network Infrastructure.
IT Audit experience in a large organization or conglomerate, holding companies, real estate, manufacturing, logistics, energy, and mining industries.
Knowledge of risk-based or global audit approach/methodology.
Able to familiarize with information technology and security standards and frameworks such as ISO, NIST, OWASP, CIS, and so forth.
Able to perform network vulnerability assessment and penetration testing using various tools.
Good command of English and advanced command of German/French or other European languages.
Strong project management skills.
Advanced written and verbal communication skills and presentation skills.

34. BA in Finance with 7 years of Experience

Internal and/or external IT audit experiences across IT PMO, Risk and Governance, Process Improvement, and operation management experience, preferably from the retail industry.
Experience working in IT audits/IT Risk Advisory with a Big Four firm.
Must have certification as a CISA, CISM, CISSP, or Certified Ethical Hacker (CEH).
Hands-on experience in any data analytics and business intelligence tools such as Power BI, Qlik, KNIME and Python.
Hands-on experience in Cybersecurity and IT transformation management.
Strong analytical, interpersonal, communication and presentation skills, including managerial courage, dealing with ambiguity.
Good command of written and spoken English and Mandarin.
Relevant professional experience at a consulting firm or a financial company.

35. BA in Accounting with 8 years of Experience

Must have a Certified Internal Auditor (CIA) or Certified Information Systems Auditor (CISA) designation (certification completed or enrolled).
Must have internal auditing experience.
Must have IT audit experience.
Experience in Audit management or a supervisory role.
Strong management, business analysis, and risk management expertise.
Excellent written and verbal communication skills and outstanding interpersonal skills.
Professional accounting designation (CPA) or an IT certification/designation (CISSP, CISM, or other applicable IT certifications).
Must have analytical skills.
Able to manage stakeholder management.
Experience in an IT audit environment.
Must have organizational skills with the ability to manage multiple priorities.

36. BS in Data Analytics with 12 years of Experience

IT Audit or equivalent experience.
In-depth and solid overall experience and knowledge of IT Governance, IT Governance Frameworks (ITIL, COBIT), IT Strategy, and IT Risk Management.
In-depth and solid overall experience and knowledge of IT Management main operational IT processes (Asset/Change/Configuration Management, Identity and Access Management, Incident/Continuity Management, Project Management), IT Infrastructure and Architecture elements, IT Application Controls.
In-depth and solid overall experience and knowledge of all Security Domains (Identify, Protect, Detect, Respond, Recovery) main security reference frameworks (NIST, ISO27001), Security Management processes (Incident, Vulnerability and Identity and Access Management, Secure Software Development) and related controls, main technologies and controls with respect to the implementation of protection (e.g. NAC), detection (e.g. SIEM) and response (e.g. EDR) measures.
Good Knowledge of Italian (IVASS) and European (EIOPA) regulatory frameworks and their relevance in the IT and Security field.
Excellent knowledge of English, both written and spoken.
Professional experience in applying relevant technical knowledge in at least one of the following engagements: financial statement audits, internal or operational audits, and/or ERP security and controls reviews (Oracle, SAP, PeopleSoft).
Extensive experience working as an IT auditor or IT risk adviser for a public accounting firm, a professional services firm, or within the industry.
Excellent leadership, teamwork and client service skills.
Must have a CPA, CA, CISA, CISSP, CISM, CBCP, CIA, CIPP, CGEIT, or certification.

37. BA in Management Information Systems with 6 years of Experience

Experience in internal audit, security, risk, compliance, or other assurance discipline.
Practical experience and/or good understanding of IT Operations (including IT Networks and devices) or Software Quality Assurance as part of an Agile SDLC environment.
Knowledge of the ISACA and/or IIA professional audit standards.
Experience of auditing or providing assurance over IT general controls and IT processes (IT Operations, Agile SDLC, Information Security, etc.) within the financial services or other highly regulated industry.
Must have holds globally recognized certifications such as CISA, CISM, CEH, CCNA, Scrum Master, or equivalent.
Experience in IT Service Management or knowledge and understanding of ITIL, COBIT Frameworks.
Able to use ACL or other data analytics tools.
Knowledge of auditing principles and practices, as well as the analysis and reporting of audit information.
Experience with common internal control frameworks and guidance, including COBIT, NIST, Sarbanes-Oxley, SOC, ISO 27000, PCI-DSS, and FFIEC IT Handbook.
Must have CIA, CISA, CISM, CISSP, or other relevant certifications.

38. BS in Information Technology with 7 years of Experience

Experience in IT security governance, IT Infrastructure/Cybersecurity/outsourcing operations, and Technology Risk Management in banking or FI.
Knowledge or exposure to cybersecurity controls, infrastructure technology (i.e., cloud security, network, virtualization), ethical hacking, application security, API, micro services and secure coding standards.
Strong familiarity with the regulatory requirements specific to technology risk management (e.g., MAS, RMiT, OJK).
Good report writing, communication and presentation skills.
Able to complete audit work papers and reports with minimal intervention by the audit manager/team lead.
Able to provide continuous monitoring of technology areas, engage technology control partners to keep up with the changing IT risk landscape of the group.
Able to pay attention to details to ensure completeness and accuracy of audit coverage.
Strong analytical skills, time management, independent and collaborative.
Able to interact well with all levels of staff.
Self-motivated and takes initiative to improve the current state of things and adaptable to embrace new changes.
Able to demonstrate alignment with the organisation’s core values through expected behaviours.
Must have a high level of integrity, take accountability for work and have a good attitude towards teamwork.
Able to take the initiative to improve the current state of things and adaptable to embrace new changes.

39. BS in Cybersecurity with 10 years of Experience

Experience in expanding roles with experience in IT Governance, IT Risk, IT Audit, IT Operations, or related fields.
Must have CISM, CISA, CISSP, CRISC designation, or other relevant certification.
Experience using some of the industry standards/frameworks, such as NIST 800-53, NIST Privacy Framework, ISO 27001, ITIL v3, COBIT and FAIR.
Experience in working with data analytics (i.e., ACL, Tableau, etc.), and other emerging technologies like robotic process automation and machine learning.
Ability to objectively analyze and evaluate a system of internal controls to form a judgment.
Ability to understand enterprise risk, challenges, and business initiatives to develop a technology-focused risk-based audit plan and audit scopes.
Ability to make analytical decisions with a demonstrated ability to solve problems, make decisions in complex situations, and drive issues to completion.
Ability to work collaboratively in business teams.
Strong interpersonal and relationship‐building skills, poised in difficult situations.
Ability to instill confidence and credibility in auditing, identifying sound, well-developed audit findings and partnering with management on solutions.
Ability to build a course of action, analyze trade-offs, and make recommendations even in ambiguous situations.
Highly effective oral, written, and interpersonal communication skills.
Demonstrated ability to interact at all corporate levels.
Ability to create factual, relevant, and easily understandable talking points and other messaging, and persuasively deliver them to relevant audiences.

40. BA in Accounting with 7 years of Experience

Knowledge of auditing in the financial services industry, basic accounting principles and related work experience.
Solid understanding of ITGC and related processes (e.g., Configuration Management, Vendor Management).
Understanding of Information Technology Service Management (ITSM) controls (e.g., Incident Management, Problem Management).
Skilled to perform testing of application controls (e.g., Application Security Testing, Interface Controls).
Skilled to perform testing of information security and cybersecurity controls (e.g., Penetration Testing, Security Information and Event Monitoring, Data Security).
Knowledge of risks related to newer technologies (e.g., Infrastructure as Code, Cloud Access Management, Kubernetes, Containers, CI/CD).
Knowledge of financial industry standards and frameworks (e.g., NIST CSF, FFIEC, GDPR).
Knowledge of cloud environments and related technologies (e.g., Microsoft Azure, Amazon Web Services, Google Cloud).
Professional certifications (e.g., CISA, CISSP, CCSP).
Strong analytical, leadership, and organizational skills.
Strong report writing and work paper documentation skills.
Adept auditing and/or systems experience in a financial institution, or similar public accounting experience in the financial services industry.

41. BS in Information Systems with 8 years of Experience

Experience in auditing the following Information Technology or Security activities: IT governance, service and project delivery, or IT technical domains such as networks, infrastructure, or applications.
Demonstrated experience and knowledge of GAAP/IFRS, the International Standards for the Professional Practice of Internal Auditing (Standards) and the latest audit techniques.
Demonstrated ability in applying Internal Auditing principles, methodology and standards in a risk-based environment across a variety of audit areas at varying degrees of complexity.
Experience with identifying emerging IT trends, protecting enterprise data and safeguarding technology.
Demonstrated experience in developing Risk Frameworks, executing risk-based audits, and completing workflow and related control assessments.
Demonstrated experience in one or more of the following: Info Security/Cyber security protocols and controls, Accounting and Finance Principles, Internal Controls, Risk Management, or Regulatory Compliance regulations, standards, or frameworks such as FASB, COSO, FFIEC, NIST, or PCI.
Experience with test development, sampling, statistics, and evidence gathering.
Sound analytical and critical thinking, the ability to develop strong interpersonal relationships and excellent communication skills (written, oral and listening).
Must have CPA, CIA, CISA, CFE, or other applicable professional certifications or be a candidate for certification.
Computer proficiency, specifically Microsoft Office products (Word, Excel, and PowerPoint, etc.) and Teammate.
Experience in analysis, data analysis, data visualization, mathematics, statistical data mining, and data science.
Previous experience with one or more of the following: SAS Software, Tableau, Power BI, Alteryx, or other data analysis tools.

42. BA in Finance with 10 years of Experience

Extensive knowledge of and skill in applying internal auditing and accounting principles and practices, and management principles and business practices.
Extensive knowledge of the Standards for the Professional Practice of Internal Auditing and the Code of Ethics developed by The Institute of Internal Auditors.
Extensive knowledge of generally accepted Information Systems audit standards, statements and practices, and Information Systems security and control practices.
Knowledge of generally accepted accounting principles (GAAP) or statutory accounting.
Knowledge of Sarbanes-Oxley or NAIC Model Audit Rule (MAR) compliance and implementation requirements.
Extensive skill in planning and project management, and in maintaining composure under pressure while meeting multiple deadlines.
Skilled in negotiating issues and resolving problems.
Skilled in using a computer with word processing, spreadsheet, and other business software to prepare reports, memos, summaries, and analyses.
Skilled in effective verbal and written communications, including active listening skills and the ability to present findings and recommendations.
Skilled in assessing the effectiveness of internal controls over key IT risks, identifying significant exposures, analyzing transactions and other management information, and detecting changes in key risks and/or control effectiveness.
Skilled in identifying significant exposures, analyzing transactions and other management information, and detecting changes in key risks and/or control effectiveness.
Ability to establish and maintain harmonious working relationships with co-workers, staff and external contacts.
Ability to learn new operations quickly and work independently.
Able to maintain confidentiality.
Must have Certified Internal Auditor (CIA), Certified Public Accountant (CPA), Certified Information Systems Auditor (CISA).

43. BS in Computer Science with 6 years of Experience

Must have a Certified Information Systems Auditor (CISA) qualification or be nearly qualified.
Experience in IT audit, internal controls, or risk management.
Experience performing IT general controls, technology risk assessments, testing, or auditing against technology standards or governance frameworks.
Knowledge of IT processes, project management, applications, databases, operating systems and network infrastructure to apply better practice guidance and identify opportunities for improvement.
Must have outstanding interpersonal and communication skills.
Able to communicate effectively in verbal and written formats with technical and non-technical audiences.
Experience managing a client portfolio, able to provide first-class service in response to client demands.
Strong attention to detail and prioritising skills.
Able to produce high-quality work autonomously and as part of a team.
Must be interested in developing skills further and working on engagements related to cybersecurity, information security standards, or governance frameworks.

44. BS in Information Security with 10 years of Experience

Information Technology, Information Security, Audit, Accounting, Fraud, Risk, Compliance, or other professional investigative or risk-based experience.
Must have supervisory experience.
Advanced proficiency in Information Technology and Cybersecurity frameworks from the National Institute of Standards and Technology (NIST), the Information Systems Audit and Control Association (ISACA), Payment Card Industry (PCI), and the International Standards for the Professional Practice of Internal Auditing and Code of Ethics promulgated by the Institute of Internal Auditors (IIA).
Must have strong communication skills.
Ability to interact across different levels of the enterprise with appropriate professional judgement and etiquette.
Must have strong analytical skills.
Ability to read and evaluate complex network topology and system-generated reports for analysis.
Must be independent and must not have any direct relatives associated with the functioning of the gaming and non-gaming areas of the enterprise.
Professional certification in one or more of the following: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), and Certified Internal Auditor (CIA).

45. BS in Software Engineering with 11 years of Experience

Experience managing a team of direct reports.
Direct experience with ERP applications (Impulse, Oracle, SAP).
Must have achieved ISO27001 Lead Assessor Certification.
Strong understanding of mainframes, midrange and Inter-based server infrastructures, other large-scale ERP systems and other critical applications such as Oracle 11i, PeopleSoft, etc., software development processes, infrastructure, security practices and internal control practices.
Technical knowledge of hardware and software for desktop, midrange and mainframe environments.
Direct IT experience with ERP applications (Impulse, Oracle, SAP).
Experience developing/creating detailed internal control documentation in a large ERP environment.
Strong project management skills.
Good judgment, energy and personality to work in a dynamic, global environment across all levels of management and across business units and functions.
Ability to recognize problems and relate to business needs, to be perceptive, penetrate and go to the heart of the issue/problem, and plan/develop the appropriate course of action.
Ability to convey ideas (both written and verbal) clearly, fluently, and persuasively, to be articulate, and present organized trains of thought to assure proper exchange of information.
Strong attention to detail.
Excellent organizational and multi-tasking skills.
Strong PC, worksheet and word processing skills.

46. BA in Business Administration with 9 years of Experience

Saas/Agile IT environment experience.
Must have CPA /CISA /CISSP.
IT audit /internal controls experience, preferably in a public accounting firm (''Big 4'') or the equivalent of public company experience.
Strong technical knowledge of US GAAP and working knowledge of SEC rules and requirements.
Strong technical knowledge of COBIT, NIST, and others.
Working experience and knowledge of Sarbanes-Oxley internal control requirements.
Strong analytical skills with great attention to detail.
Self-motivated with a strong work ethic, with the ability to work independently and collaboratively.
Strong written and verbal communication skills.
Ability to adhere and meet internal and external deadlines.
Ability to prioritize workload and perform in a dynamic and challenging environment.
Must have Workday experience.
Advanced Excel skills.

47. BS in Data Analytics with 8 years of Experience

Able to lead automation initiatives across various engagements such as IT SOX, IT audits, analytics, etc.
Able to identify automation opportunities, conduct brainstorming and working sessions with project teams to develop, test and implement automation.
Able to conduct demo sessions with internal and client stakeholders on the automation implemented.
Able to enhance and optimize existing automation scripts to drive higher benefits, reduce manual intervention, and enhance the speed of script processing.
Able to support ITGC, IT audits, and IT SOX controls testing on a need basis.
Able to ensure client service delivery as per the quality guidelines and methodologies.
Able to build and maintain client relationships by understanding and responding to client needs and delivering high-quality deliverables.
Ability to contribute to people and knowledge development initiatives by developing training material and conducting training.
Strong analytical thinking and communication skills.

48. BS in Management Information Systems with 7 years of Experience

Ability to research and understand complex processes and effectively communicate them to interested parties.
Ability to demonstrate superior relationship-building and relationship management skills.
Automation experience (scripting, macros, SQL queries, etc.)
Able to use VB scripting (ability to download and upload information from ERP systems such as SAP.
Ability to format and analyse data using formulae (MS Excel, Excel Macros).
Experience in IT SOX, ITGC reviews the application controls assessment.
Understanding of business processes such as AP, RTR, AR, etc.
Ability to independently execute assignments involving the building of an IT and application controls framework, liaise with internal/external auditors.
Experience in solution building and practice development.

49. BA in Risk Management with 12 years of Experience

Extensive experience in IT and Information Security Risk Management and Internal Controls concepts and practices.
Extensive experience as Auditor-in-Charge of complex, IT and integrated audits.
Extensive knowledge of IT/operational analysis, which includes expertise in analyzing the effectiveness and accuracy of complex financial matters and risk-based auditing techniques.
Expert knowledge of the internal audit function and processes, preferably in a financial institution.
Expert knowledge of Internal Controls concepts and practices and risk-based auditing techniques.
Extensive experience supervising and leading professional employees.
Extensive experience managing multi-dimensional teams and projects of great complexity, risk and impact, which involve organization, holding strategy and status meetings, planning, motivating and managing the work of participants.
Expert skill in results-oriented leadership in a challenging environment.
Expert experience demonstrating thought-leadership, initiative-taking, decision-making and creativity in solving business problems.

50. BS in Computer Engineering with 10 years of Experience

Expert skill in presenting to stakeholders and management.
Expert skill building effective relationships through rapport, trust, diplomacy and tact.
Expert analytical thinking skills to include summarizing information and clearly identifying key elements, patterns, results, or relationships.
Extensive experience in creating, generating and maintaining data, reports, queries, etc.
Expert skill in presenting findings, conclusions, alternatives and information clearly and concisely.
Expert skill to influence, negotiate, and persuade to reach an agreeable exchange and positive outcomes.
Extensive experience working with all levels of staff, management, stakeholders, and vendors.
Must have certification as a candidate for CISA, CISSP, or CCSP.
Experience with credit union financials and/or regulations.
Working knowledge of NFCU products, services, programs, policies and procedures.

51. BA in Internal Auditing with 8 years of Experience

Experience in IT audit, information security, and/or relevant compliance functions.
Working knowledge of IT audit and internal audit concepts.
Demonstrated experience with internal control frameworks, professional audit standards, IT security and trust models, and guidelines (e.g., COSO, COBIT).
Experience developing, documenting, and performing a full audit program to completion.
In-depth understanding of technologies, IT general and application-specific controls, including those related to OS, database, network, security, and GRC.
Ability to work effectively with all levels of management (technical and non-technical) and other colleagues, demonstrating strong initiative, mature judgment, professionalism, adaptability, and a customer service orientation.
Must possess a ''can-do'' attitude with excellent verbal and written communication skills.
Effective planning, organization, and time management skills.
Ability to work independently, productively and follow through on all responsibilities to bring projects to a successful conclusion.
Must have one or more certifications, Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Public Accountant (CPA).
Must have Big 4 experience.

52. BS in Network Engineering with 6 years of Experience

Must have certification in at least one of the following: CISA, CISM, CISSP, CIA, etc.
IT, IT Audit, or Gaming experience.
Strong Sarbanes-Oxley (SOX) experience.
Solid knowledge and experience of IT Audit controls across domains such as access, change management, operations, application controls and reports testing.
Knowledge of network architecture and/or cybersecurity.
Strong familiarity with Windows, AS400, and other common operating systems.
IT risk management and/or IT compliance experience.
Proficient in Excel.
Proficient in automation tools such as Alteryx.
Must be able to obtain Gaming licensing in all gaming jurisdictions.

53. BS in Cloud Computing with 10 years of Experience

Experience in an internal audit or IT risk advisory practice, with some ''Big 4'' experience.
Work experience should indicate progressively more responsibility.
Must have CISA, CISSP, CIA, and other Information/Cybersecurity credentials.
Demonstrated willingness to roll up sleeves and do the work, while helping out the rest of the team.
Solid understanding of COBIT, Security Frameworks (i.e., NIST), GRC tools and ISACA, IIA Standards.
Working knowledge of major business (Oracle, Workday, etc.), Infrastructure (Cloud, SaaS, etc.), and Information/Cybersecurity tools.
Ability to manage projects and supervise less experienced professional staff.
Excellent written and verbal communication skills.
Excellent organizational and project management skills.
Self-motivated, able to work in a team and independently.
Ability to interact with employees at all levels of the organization.
Professional certifications, including

54. BA in Economics with 8 years of Experience

Professional experience in internal/external IT audit or Information Technology roles/consulting.
Excellent communication and interpersonal skills.
Ability to communicate technical and controls issues in terms that a non-technical audience can understand.
Working knowledge of IT General Controls, COSO, COBIT, NIST, CIS Security Controls, ISO 27001, HIPAA, and other relevant standards.
Strong experience or knowledge of Oracle, SAP, Power BI, Snowflake.
Working knowledge of Sarbanes-Oxley and SEC regulations.
Highly developed organizational skills, project and time management skills.
Ability and desire to recruit and develop staff, providing critical and actionable feedback.
Highly developed analytical and problem-solving skills.

55. BS in Artificial Intelligence with 7 years of Experience

Experience in auditing IT operations and systems (SAP), including in a large client/server environment.
Technical skills to perform reviews of applications, operations, security, networks, etc.
Ability to plan, organize, and communicate effectively.
Ability to collect and analyze data.
Strong negotiation and problem-solving skills and sound independent judgment.
Demonstrated effectiveness in collaboration and working with others.
Experience in the IT department, IT auditing, or a related field.
Knowledge of auditing networks, personal computers, and SAP application environments.
Knowledge of engineering and relevant utility experience.
Knowledge of SOX internal controls for public companies.
Experience with Data Analytics tools.
Must have CPA, CIA, or CISA certification.

Professional Skills FAQs

What are professional skills?

Professional skills are abilities that help individuals perform tasks effectively in a workplace environment. These skills include both technical competencies required for specific roles and soft skills such as communication, teamwork, and problem solving.

What is the difference between hard skills and soft skills?

Hard skills are technical abilities learned through education or training, such as programming, data analysis, or laboratory testing. Soft skills refer to interpersonal abilities like communication, leadership, adaptability, and teamwork.

Why are professional skills important for careers and resumes?

Professional skills help employers evaluate whether a candidate can perform job responsibilities effectively. Listing relevant skills on a resume demonstrates qualifications and helps applications pass Applicant Tracking Systems used in modern hiring processes.

What professional skills do employers look for?

Employers usually value a combination of technical expertise and transferable workplace skills. Common examples include analytical thinking, communication, teamwork, leadership, time management, adaptability, and digital literacy.

How can professionals develop professional skills?

Professionals can develop skills through continuous learning, training programs, certifications, mentorship, and practical work experience. Staying updated with industry trends also helps individuals maintain relevant and competitive skills.

Editorial Process

Lamwork content is developed through structured review of publicly available job postings and documented hiring trends.

Editorial operations are managed by Thanh Huyen, Managing Editor, with research direction and final oversight by Lam Nguyen, Founder & Editorial Lead. Content is periodically reviewed to reflect observable labor market changes.

Relevant Information

IT Audit Consultant Skills, Experience, and Job Requirements

IT Auditor Skills, Experience, and Job Requirements

Senior IT Auditor Skills, Experience, and Job Requirements