Internal Audit Lead - IT Controls and Data Assurance

Lambda, The Superintelligence Cloud, builds Gigawatt-scale AI Factories for Training and Inference. Lambda’s mission is to make compute as ubiquitous as electricity and give every person access to artificial intelligence. One person, one GPU. If you'd like to build the world's best deep learning cloud, join us.

• Note: This position requires presence in our San Jose office location 4 days per week; Lambda’s designated work from home day is currently Tuesday. What You’ll Do We are seeking a highly skilled Internal Audit Lead – IT & Data Assurance to join our Internal Audit team, reporting directly to the Head of Internal Audit. This role will be primarily responsible for SOX compliance, IT controls, and data assurance activities for SaaS and third-party hosted business systems, with additional oversight of homegrown applications and systems as needed. The individual will lead testing and assurance projects related to IT General Controls (ITGCs), IT Automated Controls, and Key Report testing, while also driving advisory initiatives to strengthen IT governance, risk management, and data integrity across the enterprise. This is a Senior level role that combines hands-on testing and evaluation with leadership, oversight, and stakeholder engagement.
• SaaS / Business Systems IT Controls
• Lead SOX IT testing and assurance activities for SaaS and third-party hosted business applications, including ERP, CRM, HR, procurement, and financial reporting systems.
• Evaluate and test IT General Controls, automated business process controls, and key report logic across cloud-hosted platforms.
• Collaborate with system administrators, business owners and SaaS vendors as needed to validate control design across all applicable IT control domains.
• Assess vendor SOC reports to ensure adequate assurance over outsourced IT environments.
• Assist in the annual IT SOX scoping and risk assessment process in alignment with the overall ICFR and SOX program.
• Conduct and lead walkthroughs and design/effectiveness testing of IT controls across homegrown and third-party systems
• Coordinate evidence collection, manage remediation efforts, and ensure timely closure of audit gaps.
• Oversee the work of co-sourced as well as internal team members and review their work to ensure high-quality, consistent results.
• Identify control deficiencies and work with management to design effective remediation approaches and measures.
• Monitor changes to business processes and apply independent judgement to evaluate the potential impact to the control environment and recommend necessary improvements. Present the impact of the changes to the Head of Internal audit and other stakeholders prior to implementation.
• Manage and update all ICFR / SOX 404 documentation as required including COSO framework mapping, process and control narratives/flowcharts, risk and controls matrix, and testing approach.
• Apply professional skepticism and subject matter expertise to independently evaluate and conclude on control deficiencies and develop the necessary remediation actions and monitor their implementation in due time.
• Stakeholder Engagement
• Act as the primary liaison with IT, Security, and Finance leadership for SaaS and IT SOX assurance.
• Collaborate with external auditors to coordinate SaaS control testing approaches and reliance strategies.
• Train business and IT process owners on SaaS control requirements, third-party assurance, and best practices.
• Reporting & Communication
• Prepare high-quality reports and presentations on SaaS IT control results, data assurance findings, and remediation progress for executive leadership and the Audit Committee.
• Communicate complex IT and SaaS control issues in business-friendly terms to non-technical stakeholders.
• Stay current on emerging risks, regulations, and trends related to SaaS governance, IT risk, and data assurance. You
• Education & Certification
• Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field.
• CISA required; CISSP, CISM, or CPA/CIA preferred.
• Experience
• 8+ years of experience in IT audit, IT SOX compliance, or IT risk management, with strong focus on SaaS and third-party hosted systems.
• Big Four accounting firm or equivalent experience in Internal or External Audit or IT consulting practice.
• Deep expertise in ITGCs, IT Automated Controls, key report testing, and their relevance to ICFR, Internal audit methodology and IIA standards.
• Experience assessing SOC 1 / SOC 2 reports and integrating vendor assurance into SOX programs.
• Background in both SaaS environments and homegrown applications preferred.
• Experience of working with audit management tools (e.g., AuditBoard, Archer, Workiva) to manage SOX and IT compliance programs..
• Skills & Competencies
• Strong technical understanding of SaaS environments, including access management, change management, integrations, and configuration controls.
• Strong analytical and technical skills wi

Apply tot his job Apply To this Job