Senior Lead, Internal Audit

Senior Lead, Internal Audit

The salary range is $87,500 to $90,000 annually and may also be eligible for incentive pay based on performance.*

Actual salary may vary based on factors such as geographic location, experience, education, and skill level.

This position is remote but may, from time to time, require travel to our Store Support Center in Atlanta, GA.

Summary

The IT & Process Audit Senior performs risk-based financial, operational, compliance, and IT audit activities across the organization. This role executes and supports integrated assurance and consulting engagements by evaluating business processes, information systems, and internal controls to assess risk, improve governance, and strengthen control effectiveness. The incumbent applies sound judgment, critical thinking, and technical expertise to deliver practical, value‑added recommendations while partnering effectively with business and technology stakeholders.

Duties and Responsibilities

• Independently lead and execute integrated audits that evaluate business processes, supporting systems, and related internal controls across financial, operational, compliance, and IT risk areas. This also includes planning, scoping and reporting.
• Assess end‑to‑end risk and control effectiveness by analyzing how business processes, data, and technology interact to support reliable reporting and operations
• Plan and perform risk assessments with audit executive management, identifying emerging risks, key processes, technology risks, dependencies, and control expectations
• Design and execute integrated audits across IT, finance, and operations
• Evaluate control design and operating effectiveness, including controls supporting SOX and other regulatory requirements
• Supervise staff, delegates tasks, and provides coaching and feedback
• Partner with business and IT stakeholders to understand complex workflows, identify root causes, and provide practical, value‑focused recommendations
• Prepare high‑quality audit documentation and workpapers that clearly support conclusions and comply with audit standards
• Prepare or detail review work papers in accordance with departmental standards
• Draft audit observations and formal written reports, supporting clear messaging and actionable remediation plans for management
• Meet face-to-face with Directors/VPs, communicate engagement progress, negotiate action plans, and manage stakeholder expectations
• Track remediation of audit findings and validate that corrective actions effectively address identified risks
• Perform advanced analytics (e.g., SQL/PowerBI) and have the ability to build data-driven models
• Support special projects, advisory activities, and continuous improvement initiatives within Internal Audit
• Assist in preparing quarterly Audit Committee communications, including timely follow-up with management on open audit recommendations
• Participate in store audits and assist the store audit team with desktop audits and other operational audit procedures
• Exhibit a high degree of judgment, determines significance of audit processes/issues, and manages escalations independently

Education and Experience

• Bachelor’s degree or higher in Information Systems, Accounting or a related field
• Minimum 3–5 years of internal or external audit experience, including exposure to IT controls or integrated audits
• 2-3 years of experience with a Big 4 or similar firm is preferred
• Experience with Information Security, Privacy, IT Audit, Compliance & IT Management Standards: ISO27001/27002, PCI-DSS, SSAE-16 SOC1 & SOC2, SOX, NIST 800-53, COBIT, GAPP, & COSO
• Experience supporting SOX, IT, compliance, or regulatory audits preferred
• One or more of the following professional designations is preferred: Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Certified Public Accountant (CPA)

Required Skills & Competencies

• Strong understanding of business processes, internal controls, risk assessment, and IT control concepts
• Knowledge of IT general controls, application controls, and common audit frameworks
• Project management skills with the ability to manage multiple priorities and meet deadlines
• Proficiency in Microsoft Office (Word, Excel, PowerPoint); familiarity with audit management tools and basic data analytics (e.g., PowerBi, SQL)
• Working knowledge of audit management and process flow software (e.g., JIRA)
• Clear, concise written and verbal communication skills, including explaining complex topics to non‑technical audiences
• Sound professional judgment, attention to detail, and commitment to audit quality
• Collaborative mindset with the ability to build effective relationships across business and IT teams
• Willingness to travel on a limited basis (approximately 15%)
• Professional ethics – Adheres to Aaron’s key policies, practices and procedures; applies ethical principles and values to the activities being audited
• Internal audit management – Strives for quality and excellence and encourages others to do the same
• International Professional Practices Framework – Maintains current knowledge of the International Professional Practices Framework (IPPF), the authoritative guidance issued by The Institute of Internal Auditors; develops deep understanding of Aaron’s audit methodology, policies and procedures, which are based on the IPPF
• Governance, risk and control – Solid foundation in technical aspects of auditing (knowledge of general accounting, business processes, internal controls, risk assessment and/or other related general/application controls)
• Communication – Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive and accurately interpret ideas, information and needs through the application of appropriate communication behaviors
• Relationships and collaboration – Nurtures and builds effective partnerships with audit engagement clients to achieve results; team player, comfortable working on multiple teams/projects simultaneously and independently, as needed
• Critical thinking – Understanding of the issues related to the decision-making process; ability to analyze situations fully and accurately, and reach productive decisions
• Internal audit delivery – Demonstrates efficiency and persistence, managing own time and ensuring engagement deadlines and objectives are met; follows up with management to ensure that management actions have been effectively implemented or that senior management has accepted the risk of not taking action; understanding of the necessity and value of accuracy and attention to detail; ability to process information with high levels of accuracy
• Improvement and innovation – Champions change, continuous improvement and innovation and supports others in the pursuit of these

The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification.  The statements are not intended to be an exhaustive list of all job duties performed by employees assigned to this classification.

*Note that the pay range provided above is the lowest to highest rate we in good faith believe we would pay for this role at the time of this posting.  We may ultimately pay more or less than the posted range, and the range may be modified in the future.  An employee’s pay position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, seniority, geographic location, performance, shift, travel requirements, sales or revenue-based metrics, any collective bargaining agreements, and business or organizational needs. Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company’s sole discretion, consistent with the law.

**Benefits vary based on FT and PT employment status.