What you'd actually do

Leverage data analytics, AI tools, and emerging technologies to enhance audit efficiency, automate workpapers, and evaluate AI/ML controls and governance

Identify control gaps, analyze root causes, and write clear, concise audit reports for management and stakeholders

Conduct process walkthroughs and execute fieldwork in strict alignment with department methodology

Evaluate the design and operational effectiveness of key cybersecurity controls, IT General Controls (ITGCs) and IT Application Controls (ITACs)

Provide risk-based consulting to assist management during business process improvements or new system implementations

Skills

Required

Bachelor's degree in Computer Science, Information Systems, STEM (Science, Technology, Engineering, and Math), or a related major
2+ years of experience in audit with a focus on technology and IT risk
Strong understanding of IT general controls (ITGCs) and IT application controls (ITACs), including cybersecurity, Software Development Life Cycle (SDLC), access and change management, logging and monitoring, disaster recovery, and cloud computing
Technical expertise in IT systems including infrastructure, cybersecurity, and familiarity with IT governance frameworks (e.g. NIST, CSF, and COBIT)
Strong analytical and critical thinking skills, with proficiency in analyzing complex data and extracting meaningful insights
Ability to identify root causes of complex issues and recommend appropriate, practical remediation and safeguards
Strong written and verbal communication skills, including interviewing skills and the ability to effectively present audit findings with business partners
Experience conducting a variety of audits, including financial, operational, and IT
Familiarity with AI and data analytics tools (e.g., Claude, NotebookLM, Gemini, SQL, Python, Tableau, or Power BI) to support audit testing and continuous monitoring

Nice to have

Big 4 public accounting or similar IT audit advisory experience
Active certification or in process of achieving Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) [CISA strongly preferred]
Experience auditing within cloud-based or Software-as-a-Service (SaaS) environments
Awareness of AI governance, ethics, and emerging risks such as model bias, data privacy, and hallucination

**Secure Every Identity, from AI to Human

**Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted, neutral infrastructure that enables organizations to safely embrace this new era. This work requires a relentless drive to solve complex challenges with real-world stakes. We are looking for builders and owners who operate with speed and urgency and execute with excellence.

This is an opportunity to do career-defining work. We're all in on this mission. If you are too, let's talk.

IT Internal Auditor

As an IT Internal Auditor, you will work with an agile team in a fast-paced, high-technology environment on multiple audit engagements across the enterprise. Reporting to the Internal Audit Manager, you will partner with Technology Data & Insights (TDI), Security, Engineering, and other cross-functional stakeholders. We're looking for an individual with strong technology acumen, an understanding of technology audit and IT risk, and an eagerness to join a lean, high-impact team.

Company Description

Okta is the foundation for secure connections between people and technology. By harnessing the power of the cloud, Okta allows people to access applications on any device at any time, while still enforcing strong security protections. It integrates directly with an organization's existing directories and identity systems. Because Okta runs on an integrated platform, organizations can implement the service quickly at large scale and low total cost. Thousands of customers, including Adobe, Allergan, Chiquita, LinkedIn, and Western Union, trust Okta to help their organizations work faster, boost revenue, and stay secure. To learn more about Okta, visit: https://www.okta.com.

Responsibilities

Audit Planning

Participate in IT and cybersecurity risk assessments to identify key enterprise risks and define audit scope
Design comprehensive, risk-based audit programs and testing procedures tailored to the technology environment
Exercise professional judgment regarding project planning, risk prioritization, and objective setting for complex engagements

Audit Fieldwork & Testing

Conduct process walkthroughs and execute fieldwork in strict alignment with department methodology
Evaluate the design and operational effectiveness of key cybersecurity controls, IT General Controls (ITGCs) and IT Application Controls (ITACs)
Prepare high-quality, detailed workpapers that clearly document testing results, evidence, and conclusions
Leverage data analytics, AI tools, and emerging technologies to enhance audit efficiency, automate workpapers, and evaluate AI/ML controls and governance

Reporting & Remediation

Identify control gaps, analyze root causes, and write clear, concise audit reports for management and stakeholders
Discuss audit findings effectively and gain stakeholder agreement on appropriate, right-sized corrective actions
Partner with TDI, Security, Engineering, and cross-functional teams to track and ensure the timely completion of agreed-upon remediation activities

Advisory & Collaboration

Provide risk-based consulting to assist management during business process improvements or new system implementations
Provide guidance, training, and peer mentorship to other team members, fostering professional growth and knowledge transfer

Required Qualifications

Bachelor's degree in Computer Science, Information Systems, STEM (Science, Technology, Engineering, and Math), or a related major
2+ years of experience in audit with a focus on technology and IT risk
Strong understanding of IT general controls (ITGCs) and IT application controls (ITACs), including cybersecurity, Software Development Life Cycle (SDLC), access and change management, logging and monitoring, disaster recovery, and cloud computing
Technical expertise in IT systems including infrastructure, cybersecurity, and familiarity with IT governance frameworks (e.g. NIST, CSF, and COBIT)
Strong analytical and critical thinking skills, with proficiency in analyzing complex data and extracting meaningful insights
Ability to identify root causes of complex issues and recommend appropriate, practical remediation and safeguards
Strong written and verbal communication skills, including interviewing skills and the ability to effectively present audit findings with business partners
Experience conducting a variety of audits, including financial, operational, and IT
Familiarity with AI and data analytics tools (e.g., Claude, NotebookLM, Gemini, SQL, Python, Tableau, or Power BI) to support audit testing and continuous monitoring

Preferred Qualifications

Big 4 public accounting or similar IT audit advisory experience
Active certification or in process of achieving Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) [CISA strongly preferred]
Experience auditing within cloud-based or Software-as-a-Service (SaaS) environments
Awareness of AI governance, ethics, and emerging risks such as model bias, data privacy, and hallucination

What Success Looks Like

**Solutions-oriented: **Proactive willingness to roll up your sleeves and "get it done"
**Adaptable: **Ability and desire to work hands-on in a rapidly evolving, fast-paced environment

**Collaboration: **Strong communication, collaboration, and organizational skills tailored for success in a hybrid work environment

P22860_3460539

##LI_Hybrid

** The Okta Experience**

Supporting Your Well-Being
Driving Social Impact
Developing Talent and Fostering Connection + Community

We are intentional about connection. Our global community, spanning over 20 offices worldwide, is united by a drive to innovate. Your journey begins with an immersive, in-person onboarding experience designed to accelerate your impact and connect you to our mission and team from day one.

Okta is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and convictions records, consistent with applicable laws.

If reasonable accommodation is needed to complete any part of the job application, interview process, or onboarding please use this Form to request an accommodation.

Notice for New York City Applicants & Employees: Okta may use Automated Employment Decision Tools (AEDT), as defined by New York City Local Law 144, that use artificial intelligence, machine learning, or other automated processes to assist in our recruitment and hiring process. In accordance with NYC Local Law 144, if you are an applicant or employee residing in New York City, please click here to view our full NYC AEDT Notice.

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Personnel and Job Candidate Privacy Notice at https://www.okta.com/legal/personnel-policy/.