Lead, Audit and Assurance in United States at Jobgether

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Lead, Audit and Assurance in the United States.

This is a senior, highly technical assurance leadership role responsible for defining and executing the organization’s audit, controls, and governance strategy across a complex cloud-native environment. The Lead, Audit and Assurance will serve as the primary authority on external audits, internal audit maturity, and enterprise control effectiveness, ensuring the organization remains continuously audit-ready. This role combines deep technical expertise with strategic leadership to modernize audit processes through automation, AI, and continuous control monitoring. You will partner closely with engineering, security, and product teams to embed controls directly into systems and workflows, reducing manual effort while increasing accuracy and transparency. A key part of this role is driving regulatory readiness across multiple frameworks and ensuring alignment with evolving compliance expectations. This position is ideal for an experienced audit leader who thrives at the intersection of technology, risk, and transformation.

• Own and lead all external audit and assurance activities (including SOC 2, PCI DSS, ISO 27001, HIPAA, and client/regulatory audits), acting as the primary liaison with external auditors.
• Design and mature a scalable internal technical audit program, including methodologies, testing approaches, scoping standards, and reporting frameworks.
• Maintain and evolve enterprise risk and control mappings within the GRC platform, ensuring alignment with regulatory, contractual, and technical requirements.
• Drive the transformation toward continuous assurance through automation, AI-enabled testing, and real-time control monitoring to ensure audit readiness at all times.
• Identify, evaluate, and implement AI and automation solutions across the assurance lifecycle, including governance of internal AI systems and related risks.
• Partner with engineering and product teams to embed control design directly into systems, pipelines, and architecture from the outset.
• Oversee remediation tracking for audit findings and control gaps, ensuring risk-based prioritization and executive-level visibility.
• Deliver executive-ready reporting, dashboards, and assurance insights, and represent the organization in audits, client due diligence, and regulatory discussions.

• 8+ years of progressive experience in audit, information assurance, or GRC within regulated industries such as fintech, financial services, or healthcare.
• At least 3+ years in a senior individual contributor or lead role with ownership of external audit programs and assurance strategy.
• Proven experience managing SOC 2, PCI DSS, ISO 27001, or similar compliance frameworks with consistently strong audit outcomes.
• Hands-on expertise with modern GRC platforms (e.g., AuditBoard, Drata, Vanta, ServiceNow GRC, OneTrust, or equivalent), including control mapping and automation.
• Strong technical understanding of cloud-native environments (AWS, Azure, GCP), CI/CD pipelines, IAM, encryption, logging, and Infrastructure-as-Code.
• Demonstrated ability to design and implement automated, continuous control monitoring and transform manual audit processes into scalable systems.
• Working knowledge of AI/ML systems, including governance, model risk, data lineage, and emerging regulatory considerations.
• Strong communication and stakeholder management skills with the ability to influence engineering, security, and executive leadership teams.
• Relevant certifications such as CISA, CISM, CRISC, or similar are strongly preferred.

• Competitive annual salary ranging from $140,000 to $160,000.
• Fully remote work environment with limited travel requirements (approximately 12 days per year).
• Comprehensive health, dental, and vision insurance coverage.
• Paid time off and standard company holidays.
• Retirement savings plans and additional financial wellness benefits.
• Opportunity to shape and modernize enterprise-wide audit and assurance strategy in a cloud-native organization.
• Exposure to cutting-edge AI, automation, and continuous assurance technologies.
• Collaborative, innovation-driven culture focused on trust, experimentation, and continuous improvement.