Skip to main content
Back to results

Senior IT Auditor

  • United States - Washington - Seattle

  • Finance

  • Full-Time Regular

  • 03/11/2024

  • ID # R-86985

If you need assistance during the recruiting process due to a disability, please reach out to our Recruiting Accommodations Team through the Accommodation Request form. This form is used only by individuals with disabilities who require assistance or adjustments in applying and interviewing for a job. This form is not for inquiring about a position or the status of an application.

Senior IT Auditor


The Senior IT Auditor performs the tactical end-to-end execution of technical risk management, compliance, assurance and audit projects, including scoping, planning, discovery, fieldwork, development/design of recommendations, report writing, tracking of audit issues, and verification of management action items, under the guidance/direction of managers.

What you'll do:

  • Acquires and demonstrates a solid understanding of how the department operates and fits into the larger organization

  • Acquires a solid understanding of the various functions/organizations within the broader enterprise

  • Demonstrates solid awareness of the policies, practices, trends and information that impact the organization and its customers

  • Demonstrates solid understanding of the financial, operational, and technical impact of decisions/solutions on the organization and its customers

  • Reviews overarching project timeline and develops a schedule of tasks to achieve project milestones

  • Works with more experienced team members to help identify all resources required to support any project

  • Keeps relevant stakeholders informed of key progress toward or significant changes to task timing that impacts the project schedule

  • Seeks relevant information to ensure own understanding of complex information

  • Assists team members in the creation of routine technical communication materials (e.g., policies & procedures, guidelines, presentations, messages)

  • Develops a solid understanding of the different audience groups in the business unit/function that receive technical communications and how they differ from each other

  • Applies a solid understanding of electronic workpapers and/or GRC and Audit Management systems

  • Applies a solid understanding of IIA framework

  • Applies a solid understanding IT control framework

  • Applies a solid understanding of risk and compliance frameworks and industry best practices (e.g., ISO, COSO, COBIT, NIST, etc.)

  • Applies a solid understanding of the legal, regulatory, and technical compliance

  • Applies a solid understanding in one or more of these areas (IT General Controls, Cybersecurity, Cloud operations, Data governance, Data privacy compliance, or Big Data) to execute technical audits or other risk and compliance-related initiatives in order to identify, assess, and explain risks, report findings, and develop and communicate recommendations

  • Learns solid data analysis methods and procedures by assisting others in the collection and analysis of data

  • Solid knowledge of risks and controls, as well as risk management principles

  • Prepares summary reports for management on the results of financial, operational and technical audits or other risk-based reporting

  • Leverages proper techniques and solid knowledge to interpret basic audit analyses and reports

  • Supports the development of mitigation strategies and remediation plans for audit findings (ERM role specific)

Who you are:

  • 2+ years of experience

  • Bachelor's degree in related technical field; or equivalent related professional experience

  • Functional / technical skills: CIA, CPA, CISA, OSCP, CCSK, CISM, CISSP, CDPSE, IAPP, CRISC or similar

  • IT General Controls (Logical Access, Change Management, IT Operations, Program Development/SDLC)

  • Cybersecurity concepts, risks and practices (e.g., identity access management, vulnerability management, security governance, software development, auditing and logging, micro segmentation, secure access services, PKI) and security frameworks such as NIST, ISO 27000

  • Cloud operations (e.g., Cloud architecture, infrastructure, networks, secure compute workloads, resiliency, data encryption, account and key management, identity access management, software development in the cloud)

  • Data governance (e.g., frameworks, policies, third-party data risks, and data security and protection)

  • Data privacy compliance including GDPR, CCPA, HIPAA, and other regulations

  • Big Data (e.g. data analysis and visualization tools, data engineering modeling, scripting language such as SQL or Python)

#LI-LS3

The total cash range for this position in Seattle is $82,500.00 to $115,500.00. Employees in this role have the potential to increase their pay up to $132,000.00, which is the top of the range, based on ongoing, demonstrated, and sustained performance in the role.

Starting pay for this role will vary based on multiple factors, including location, available budget, and an individual’s knowledge, skills, and experience. Pay ranges may be modified in the future.

Expedia Group is proud to offer a wide range of benefits to support employees and their families, including medical/dental/vision, paid time off, and an Employee Assistance Program. To fuel each employee’s passion for travel, we offer a wellness & travel reimbursement, travel discounts, and an International Airlines Travel Agent (IATAN) membership.View our full list of benefits.

About Expedia Group

Expedia Group (NASDAQ: EXPE) powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™.

© 2021 Expedia, Inc. All rights reserved. Trademarks and logos are the property of their respective owners. CST: 2029030-50

Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. Expedia Group does not extend job offers via email or any other messaging tools to individuals to whom we have not made prior contact. Our email domain is @expediagroup.com. The official website to find and apply for job openings at Expedia Group is careers.expediagroup.com/jobs.

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. This employer participates in E-Verify. The employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.
Similar Positions
  • Software Development Engineer II (iOS + Java)

    Seattle, Washington
    Technology
    View Job
  • SEO Specialist

    Seattle, Washington
    Marketing
    View Job
Job Accommodation Requests

At Expedia Group, we're committed to providing an inclusive and accessible recruiting experience for candidates with disabilities. If you require an accommodation or adjustment for any part of the application or hiring process, please let us know by completing our Accommodation Request form.

Request a disability accommodation
Expedia Group | Careers