Senior Internal Auditor – IT Risk Audit (Enterprise Risk Assessment)

As passionate about our people as we are about our mission.

Why Join Q2?

Q2 is a leading provider of digital banking and lending solutions to banks, credit unions, alternative finance companies, and fintechs in the U.S. and internationally. Our mission is simple : build strong and diverse communities through innovative financial technology—and we do that by empowering our people to help create success for our customers.

What Makes Q2 Special?

Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together.

This position is an individual contributor within the Internal Audit Team responsible for leading and executing high-impact, risk-based IT audit engagements aligned with regulatory frameworks (e.g., SOX, FFIEC, NIST ) and organizational priorities. The ideal candidate will have experience auditing complex IT environments and a deep understanding of cybersecurity, IT governance, and technology risk.

This role contributes to the annual IT audit plan by assessing risk, planning and scoping audits, and delivering assurance and advisory services across areas including financial reporting, cloud computing, data protection, third-party risk, and IT operations. The Senior IT Internal Auditor will collaborate with stakeholders across Accounting, Technology, Information Security, Risk, and Compliance to drive risk mitigation and control improvement efforts.

Responsibilities

• Execute SOX IT and information systems testing program, including conducting walkthroughs, analyzing audit evidence, executing controls testing, identifying and defining issues, and documenting business processes and procedures.
• Support the creation of status reports and planning materials assist with overall and collaborate closely with internal and external stakeholders for the IT Program. Perform the end-to-end planning, execution, and reporting with the IT Internal Audit Manager of risk-based IT audit engagements across domains such as : Information Security ProgramNetwork & System SecurityBusiness Continuity and Disaster Recovery (BC / DR)Change Management and Software Development Lifecycle (SDLC)Third-Party Risk Management (TPRM)Identity & Access Management (I&AM)IT Operations and Asset ManagementPrivacy and Data ProtectionCloud and Outsourced Services
• Evaluate IT risks, control maturity, and alignment with regulatory expectations.
• Provide risk advisory and control consultation to IT and business leadership on strategic technology initiatives, regulatory obligations, and emerging threats.
• Collaborate closely with cross-functional stakeholders, including Accounting, Information Security, Compliance, Legal, and Engineering teams, to understand business processes and evaluate control effectiveness.
• Develop and deliver clear, concise, risk-focused audit reports dealing with complex and sensitive issues, including findings, root cause analysis, and actionable, in a timely manner for internal and external audiences..
• Complete assigned responsibilities following audit standards.
• Partner with internal and external audit teams to ensure a timely and efficient testing approach and issue resolution.
• Monitor and validate the implementation of management action plans and ensure sustainable remediation of control issues.
• Support new system implementations and ensure compliance with existing policies
• Conduct risk assessments, including the identification of controls and testing attributes.
• Contribute to the development and evolution of the IT audit program, including risk assessment methodology, audit universe updates, and use of data analytics.
• Act as a key liaison to internal and external auditors, examiners, and other assurance functions to ensure coordinated risk coverage and alignment.
• Take initiative and suggest alternatives for process improvements
• Duties may change and Team Members may be required to perform other duties as assigned

Minimum Experience and Knowledge

Preferred Experience and Knowledge

Health & Wellness

Hybrid Work Opportunities

Flexible Time Off

Career Development & Mentoring Programs

Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents

Community Volunteering & Company Philanthropy Programs

Employee Peer Recognition Programs – “You Earned it”

Click to find out more about the benefits we offer.

Our Culture & Commitment :

We’re proud to foster a supportive, inclusive environment where career growth, collaboration, and wellness are prioritized. And our benefits go beyond healthcare—offering resources for physical, mental, and professional well-being. Click here to find out more about the benefits we offer. Q2 employees are encouraged to give back through volunteer work and nonprofit support through our Spark Program (). We believe in making an impact—in the industry and in the community.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status.