• Senior Auditor

    University of Michigan (Ann Arbor, MI)


    Senior Auditor

     

    How to Apply

     

    Please provide a cover letter and resume uploaded as one document. The cover letter should outline:

     

    + Your skills and experiences that directly relate to the position responsibilities

    + The specific reasons for your interest in this position

     

    Who We Are

    The University of Michigan

    The Chronicle of Higher Education has consistently featured the University of Michigan on its list of Great Colleges to Work For. With three campuses, 19 schools and colleges, world-class research facilities, and an exceptional health system, the University of Michigan is consistently ranked as one of America's top public universities.

     

    Office of Audit Services

     

    Audit Services at the University of Michigan is a team of 22 professionals who provide high-quality assurance, management advisory services, and other value-added services designed to assess and improve risk management, internal controls, compliance, and governance processes across the University of Michigan.

     

    We encourage teamwork, respect for others, continuous improvement, honest and ethical behavior, creativity and innovation, lifelong learning, and balancing professional and personal priorities. We value respect, integrity, professionalism, and accountability. We operate in accordance with the IIA Global International Standards and the IIA Code of Ethics. Please see https://audits.umich.edu for additional information.

     

    Why Work at Michigan?

     

    The University of Michigan offers a comprehensive benefits package to help you stay well, protect yourself and your dependents, and plan for a secure future.

     

    Being part of something greater, of serving a larger mission of discovery and care that's the heart of what drives people to work at Michigan. In some way, great or small, every person here helps to advance this world-class institution. It's adding a purpose to your profession. Work at Michigan and become a victor for the greater good.

    Responsibilities*

    Audit Services at the University of Michigan seeks an outstanding senior auditor to join our team. Audit Services is a resource and provides service to all areas of the university. We offer a challenging environment, professional growth opportunities, and work/life balance. Travel to branch campuses and conferences is rare but may be required. The successful candidate will be responsible for planning and performing IT audits and advisory engagements across all three campuses and Michigan Medicine. Engagements may include reviews of information systems, cybersecurity controls, IT governance, and related processes Key responsibilities include:

     

    + Plan and perform IT audits, including risk assessment, audit planning, fieldwork, analysis, evaluation of the adequacy of IT controls, and preparation of audit reports

    + Assess adherence to university policies and accepted standards (e.g., NIST, FERPA) and evaluate systems for confidentiality, integrity, and availability

    + Evaluate security controls for effectiveness, efficiency, compliance with legal requirements, and alignment with management objectives

    + Perform risk-based technical assessments of information systems and cybersecurity controls, which may include configuration reviews, vulnerability assessments, or other targeted security testing activities, as appropriate

    + Partner with institutional and cybersecurity teams to evaluate detection, response, and recovery capabilities

    + Evaluate the maturity of security architectures, identity and access management controls, and cloud configurations (e.g., AAWS, Azure, GCP)

    + Serve as a technical resource within Audit Services for cybersecurity risk, emerging threats, and technology-related control considerations

    + Proactively keep the associate director informed of audit progress, emerging risks, and significant issues

    + Assist with the support, configuration, and maintenance of audit management tools

    + Perform other duties and special projects as assigned

     

    This position requires effective communication with audit clients and collaboration with colleagues across Audit Services. A supportive and collaborative team environment is essential, along with proactive communication and sound judgement.

    Required Qualifications*

    + Bachelor's degree in management information systems, accounting, computer science, or related field

    + Relevant information technology experience and/or IT audit experience in a distributed and sophisticated information technology environment

    + Demonstrated expertise related to information systems auditing concepts, including security and control risks in the areas of logical and physical security, access controls, change management, data protection, operational resilience, networking, and modern cloud-based environments

    + Experience collecting and analyzing complex data, evaluating information and systems, drawing logical conclusions, and working collaboratively

    + Working knowledge of information technology and security best practices, control frameworks, business process mapping, and risk and controls identification

    + Excellent written and verbal communications and the ability to interact effectively with technical and non-technical stakeholders

    + Understanding of the concepts of internal controls in an IT context and risk assessment methodologies. However, inquisitive individuals with strong technical IT skills who are willing to learn auditing, are also encouraged to apply.

    + Ability to work effectively and collaboratively in a diverse work group and across the broader university community

    + Ability to meet hybrid work requirements, including residence within commuting distance of Ann Arbor and access to a secure, confidential remote workspace

    Desired Qualifications*

    + Graduate degree in a related field (e.g., information systems, cybersecurity, or audit)

    + Applied knowledge of cybersecurity and IT risk frameworks, such as the NIST Cybersecurity Framework and Center for Internet Security (CIS) controls

    + Experience performing advanced security or technical assessments , which may include vulnerability scanning, penetration testing, configuration reviews, or adversarial-style testing activities

    + Familiarity with ethical hacking concepts, threat modeling, or adversary techniques used to assess cyber risk and control effectiveness

    + Experience working with or alongside cybersecurity operations, incident response, or security monitoring teams

    + Experience using data analytic or technical tools (e.g., ACL, IDEA, Tableau, scripting or security testing tools) to support audit or risk assessment activities

    + Knowledge of higher education operations, university systems and data, and other compliance/regulatory requirements (e.g., FERPA, HIPAA, PCI DSS, GLBA)

    + Professional certifications such as CISA, CIA, CISSP, CEH, OSCP, or other relevant certifications

     

    Modes of Work

     

    Positions that are eligible for hybrid or mobile/remote work mode are at the discretion of the hiring department. Work agreements are reviewed annually at a minimum and are subject to change at any time, and for any reason, throughout the course of employment. Learn more about thework modes (https://hr.umich.edu/working-u-m/my-employment/ways-we-work-resource-center/ways-we-work-implementation-group/modes-work) .

     

    Additional Information

     

    This is a hybrid position requiring secure reliable internet access and some on-site work is required so the candidate must live within a reasonable commuting distance from Ann Arbor. This position will have a potential for a flexible combination of on-campus and remote work responsibilities.

     

    Respect for the university's core values is essential to the Audit Services mission and the department is committed to supporting initiatives that uphold and enhance these values across the university's research, teaching, and service missions.

     

    Salary is commensurate with the experience and qualifications of the selected candidate.

     

    Authorization to work in the U.S. is a precondition of employment and applicants for these positions will not be sponsored for work visas.

     

    Application Deadline

     

    Job openings are posted for a minimum of seven calendar days. The review and selection process may begin as early as the eighth day after posting. This opening may be removed from posting boards and filled any time after the minimum posting period has ended.

     

    U-M EEO Statement

     

    The University of Michigan is an equal employment opportunity employer.

     

    Job Detail

     

    Job Opening ID

     

    272634

     

    Working Title

     

    Senior Auditor

     

    Job Title

     

    Internal Auditor Senior

     

    Work Location

     

    Ann Arbor Campus

     

    Ann Arbor, MI

     

    Modes of Work

     

    Hybrid

     

    Full/Part Time

     

    Full-Time

     

    Regular/Temporary

     

    Regular

     

    FLSA Status

     

    Exempt

     

    Organizational Group

     

    University Audits

     

    Department

     

    Audit Services

     

    Posting Begin/End Date

     

    1/08/2026 - 3/31/2026

     

    Career Interest

     

    Finance