IT SOX Senior Auditor
Top focus
Vanguard's Internal Audit & SOX department is seeking an IT Senior Auditor to join the SOX Audit Services (SAS) team. SAS serves as Vanguard's centralized ICFR (internal control over financial reporting) assurance and audit function. In this role, you execute activities across the ICFR audit cycle, including IT risk assessments, system walkthroughs and scoping, testing of IT and automated business process controls, deficiency evaluations, and audit reporting.
This role offers the opportunity to deepen expertise in IT and automated business process controls, technology risk, ICFR assurance, and SOX governance through hands-on audit execution and meaningful stakeholder engagement. You will focus on controls and processes at the intersection of financial reporting and technology risk, helping Vanguard navigate a control environment shaped by AI, automation, advanced analytics, and digital transformation.
You will contribute to ongoing efforts to leverage automation, analytics, and AI in the audit lifecycle. We are seeking a strong individual contributor with well-developed critical and conceptual thinking skills, sound judgment, technology, data and automation acumen, and the ability to independently manage varied audit tasks and competing priorities.
Responsibilities Execute key ICFR audit procedures, including performing process and system walkthroughs; identifying financial reporting and technology risks; testing IT and automated business controls; and identifying and escalating control changes, issues, or emerging risks in accordance with established methodology.
Analyze, document, and support conclusions on control deficiencies in accordance with SOX and internal audit methodology, including assessing root cause, severity, and potential financial reporting impact, as applicable. Partner with control owners and other stakeholders to support timely and effective remediation of identified control deficiencies, including tracking progress against established remediation plans and proactively identifying related or systemic risks.
Prepare and maintain high-quality ICFR audit documentation—including control narratives, flowcharts, risk assessments, and supporting artifacts that are complete, reliable, and aligned with internal audit standards and external audit expectations.
Collaborate with other Internal Audit and SOX professionals in a matrixed environment to execute audit activities, align scope, and contribute to consistent, risk‑focused ICFR assurance outcomes. Support continuous improvement initiatives that enhance the use of technology, automation, and data analytics to strengthen and improve efficiency of ICFR audit execution.
Contribute to periodic control certification activities as directed. Participate in special projects and perform other duties as assigned. Qualifications Undergraduate degree required; advanced degree or professional certification (e.g., CPA, CIA, CISA, CISSP) is a plus.
Minimum of three years of relevant experience performing SOX, ICFR, audit or assurance work, with a strong understanding of applicable concepts, practices, and methodologies, including business automated controls and IT controls such as logical access, change management, and IT operations; public accounting and/or internal audit experience is ideal.
Experience testing and evaluating automated business process controls and IT controls within financial services, technology, or risk management environments, including end-to-end process, risk, and control analysis, financial reporting and SOX compliance.
Experience leveraging automation, data analytics, and full population testing in the execution of audits is ideal. Demonstrated ability to exercise sound judgment and make well-reasoned, defensible audit decisions in a complex environment; experience using data analytics or other audit techniques to support risk assessment and audit conclusions is preferred.
Excellent organization, communication, and collaboration skills, with the ability to effectively partner with control owners, internal risk and compliance partners, and external auditors. Special Factors This is a hybrid role — candidates must be commutable to Vanguard's Malvern, PA office.
Special Factors Sponsorship Vanguard is not offering visa sponsorship for this position. About Vanguard At Vanguard, we don't just have a mission—we're on a mission. To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives.
To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best. How We Work Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection.
We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.