IT Internal Audit Lead jobs in United States

Coastal · 4 hours ago

IT Internal Audit Lead

Coastal is at the forefront of modern banking, combining strong financial infrastructure with cutting-edge Banking-as-a-Service and fintech enablement strategies. The Internal Auditor Lead – Information Technology is responsible for assessing the effectiveness of Coastal’s technology and cybersecurity practices, performing complex audits, and delivering clear audit opinions. This role also includes mentoring within Internal Audit and enhancing audit methodologies through automation and data analytics.

Financial Services

Responsibilities

Audit Planning & Risk Assessment
Perform planning and scoping for technology and cybersecurity audits, leveraging enterprise risk assessments, regulatory priorities, emerging threats, and business changes
Perform and document technology and cyber risk assessments to identify key inherent risks, control dependencies, and areas of heightened regulatory and operational exposure
Maintain alignment of audit coverage with the FFIEC IT Examination Handbooks, CRI Profile, and Internal Audit standards
Audit Execution & Control Evaluation
Lead and execute end-to-end technology and cybersecurity audits, including: IT governance and risk management; identity and access management; cloud and infrastructure security; network and endpoint security; secure configuration and vulnerability management; SDLC, change management, and DevOps controls; and data protection and resilience (BCP/DR)
Perform Test of Design (“TOD”) and Test of Operating Effectiveness (“TOE”) using walkthroughs, sampling, inspection, inquiry, and re-performance
Develop clear, high-quality audit workpapers that support conclusions and comply with Internal Audit methodology and IIA standards
Assess control maturity, sustainability, and consistency
Issues Management & Validation
Identify, evaluate, and clearly articulate control deficiencies, root causes, and risk impacts
Draft concise, risk-based audit issues with well-supported severity ratings and actionable recommendations
Validate remediation plans for adequacy and sustainability; perform issue validation testing to confirm effective closure
Identify thematic issues and emerging risks to inform management and future audit planning
Regulatory Exams & Audit Coordination
Support and coordinate with regulatory examiners, external auditors, and independent assessors for technology and cybersecurity-related reviews
Provide credible challenge to management responses and ensure Internal Audit positions are consistent, defensible, and regulator-ready
Assist in aligning Internal Audit perspectives with evolving regulatory guidance and supervisory expectations
Audit Methodology, Automation & Quality
Contribute to the continuous improvement of Internal Audit’s technology audit methodology, testing standards, and documentation practices
Leverage data analytics, automation, and technology-enabled testing techniques to improve audit efficiency and coverage
Promote a culture of quality, independence, and professional skepticism within the audit function
Reporting & Stakeholder Communication
Deliver clear, concise audit reports and executive-ready summaries that communicate risk, impact, and priorities effectively
Present audit results to senior management and risk committees, articulating complex technical issues in business-relevant terms
Maintain strong, professional relationships with stakeholders while preserving Internal Audit independence

Qualification

FFIEC IT Examination Handbooks, NIST CSF, Cloud platforms auditing, Data analytics, Cybersecurity control frameworks, Technical control effectiveness, Governance/process maturity, Professional certification, Audit judgment, Written communication, Verbal communication, Attention to detail

Required

Demonstrated expertise applying FFIEC IT Examination Handbooks and the CRI Profile within an Internal Audit or independent assurance context
Strong understanding of technology and cybersecurity control frameworks, including NIST CSF, NIST SP 800-53, and their application in regulated financial institutions
Hands-on experience auditing modern technology environments, including cloud platforms, identity systems, networks, operating systems, applications, and third parties
Ability to assess both technical control effectiveness and governance/process maturity
Experience using data analytics, scripting, or automated techniques to support audit testing (e.g., SQL, Python, PowerShell, APIs, or audit analytics tools)
Excellent written and verbal communication skills, with the ability to influence, challenge, and educate stakeholders at all levels
Strong audit judgment, attention to detail, and ability to manage multiple audits and priorities concurrently
Bachelor's/University degree in Information Systems, Computer Science, Cybersecurity, Accounting, or a related field required
4+ years of experience in Internal Audit, Technology Risk, Cybersecurity Risk, IT Risk Management, or related assurance roles; financial services experience strongly preferred

Preferred

Professional certification, such as CIA, CRISC, CISA, CISSP, CISM preferred

Benefits

Medical Coverage: Choose from three competitive medical plans to find the coverage that best fits your needs and lifestyle.
Health Savings Account (HSA): Available with eligible medical plans, offering tax advantages and employer contributions.
Flexible Spending Accounts (FSA): Options for healthcare and dependent care expenses to help you save on out-of-pocket costs.
Dental and Vision Insurance: Plans to keep you and your family smiling and seeing clearly.
Life Insurance: Company-paid basic life insurance with options to purchase additional coverage for yourself and your dependents.
Long-Term (LTD)/Short-Term Disability (STD): Income protection in the event of a long-term illness or injury.
Supplemental Benefits: Including Hospital Indemnity, Accident Insurance, and Critical Illness coverage to provide extra financial support when you need it most.
401(k) Retirement Plan: A competitive retirement savings plan with company matching to help you plan for the future.
Paid Time Off: Generous vacation and sick leave policies to support your time away from work.
Holidays: Enjoy 11 paid holidays throughout the year.

Company

Coastal

At Coastal, we are redefining the banking experience through innovative embedded finance solutions tailored for the modern marketplace.

Funding

Current Stage
Growth Stage

Leadership Team

Danica Hudson
SVP, Head of Enterprise Partnerships & Payments
Erika Heer
Executive Vice President, Chief Human Resources Officer
Company data provided by crunchbase