Senior IT Auditor

Xometry (NASDAQ: XMTR) powers the industries of today and tomorrow by connecting the people with big ideas to the manufacturers who can bring them to life. Xometry’s digital marketplace gives manufacturers the critical resources they need to grow their business while also making it easy for buyers at Fortune 1000 companies to tap into global manufacturing capacity.

We are seeking a highly experienced and detail-oriented IT Auditor to join the internal audit team. This role is critical in evaluating the effectiveness of IT controls, systems, and processes to ensure compliance, security, and operational efficiency. The auditor will drive transformation, influencing enterprise-wide change and helping steer the company toward smarter, safer, and more efficient practices.

Key responsibilities involve planning, executing, and reporting on IT audits, with a focus on IT General Controls (ITGC), application controls, key reports and operational audits. This role involves partnering with business and IT leaders to uncover risks and identify process improvements.

Key Responsibilities

IT Audit & Assurance Execution 

• Audit Planning & Testing: Lead and execute comprehensive IT audits, including in-depth testing of IT General Controls (ITGC) across cloud infrastructure, enterprise applications, and the proprietary quoting platform.
• Application & Data Integrity: Evaluate the design and operating effectiveness of application controls within key business processes (e.g., Finance, Operations, Marketplace). Perform detailed validation of Key Reports to ensure the accuracy, completeness, and reliability of data.
• SOX Compliance Leadership: Drive IT SOX compliance efforts, including updating narratives, Risk and Control Matrices (RCMs), and process flowcharts, focusing on critical controls for a publicly traded, high-growth tech company.
• Advanced Systems Review: Deeply evaluate security configurations, authentication processes, application security measures, and the controls surrounding new system implementations.

Risk Management & Business Partnership

• Strategic Risk Assessment: Partner with Technology and Business leaders to uncover technical risks, identify control deficiencies, and recommend practical, high-impact remediation strategies that align with Xometry's rapid pace.
• Transformative Solutions: Go beyond compliance to surface critical issues and develop smart, actionable solutions that leverage technology to automate control processes and enhance business efficiency.
• Data-Driven Auditing: Proactively utilize data analytics tools (e.g., Python, Alteryx) and internal platforms (e.g., AuditBoard) to continuously monitor controls, automate testing, and drive efficiency in audit procedures.

Reporting & Audit Development

• Compelling Deliverables: Prepare clear, concise, and persuasive audit workpapers and reports. Craft compelling audit deliverables—from scope definition to final reports—that effectively communicate risk and value to executive leadership.
• Methodology Enhancement: Actively contribute to the development and enhancement of the IT audit methodology, programs, and risk assessment frameworks, integrating new technologies like AI into audit practices.
• Industry Expertise: Stay current on industry best practices, emerging technologies (cloud, security), and regulatory changes (e.g., SOX, NIST, ISO 27001) relevant to a global, technology-driven marketplace.

Required Qualifications

• Education: Bachelor's degree in Information Technology, Accounting, Computer Science, Cybersecurity, or a closely related field/discipline.
• Experience: A minimum of 4 to 5+ years of progressive experience in IT auditing, internal audit, or a related assurance function, with specific experience in public accounting or a publicly traded company.
• Technical Expertise:
• Expert knowledge of IT General Controls (ITGC) across complex environments, including security, access management, change management, and operations.
• Proven experience leading IT controls testing for SOX compliance.
• Deep understanding of application controls and key report validation.
• Familiarity with security frameworks (e.g., NIST, ISO 27001) and risk assessment methodologies.
• Skills & Attributes:
• Highly analytical and detail-oriented with proven problem-solving skills in a technical context.
• Exceptional written and verbal communication skills, with the ability to translate complex technical issues into clear business risks for diverse audiences.
• A self-starter with the ability to independently manage multiple priorities and projects in a fast-paced, dynamic technology environment.
• Proven ability to build strong, collaborative relationships with technical and business stakeholders.

Preferred Qualifications

• Certifications: Relevant certifications such as CISA, CISSP, CRISC, CPA or CIA are highly preferred.
• Tool Proficiency: Hands-on experience with internal audit platforms (e.g., AuditBoard) and data analytics tools (Python, Alteryx).
• Industry Context: Experience auditing IT environments within the Manufacturing, E-commerce, or Technology industries.
• Emerging Tech: Technical proficiency or interest in auditing cloud environments (e.g., AWS, Goggle) and emerging technologies like AI/Machine Learning.

#LI-Remote

Xometry is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

For US based roles: Xometry participates in E-Verify and after a job offer is accepted, will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.