Senior Manager Internal Audit - IT

IonQ is developing the world's most powerful full‑stack quantum computer based on trapped‑ion technology. We are pushing past the limits of classical physics and current supercomputing technology to unlock a new era of computing. Quantum computing has the potential to impact every area of human society for the better. IonQ’s computers will soon redefine industries like medicine, materials science, finance, artificial intelligence, machine learning, cryptography, and more.

IonQ is at the forefront of this technological revolution.

The Senior Manager Internal Audit - IT is a strategic transformation leader responsible for the organization’s technology risk landscape. This role goes beyond traditional oversight; you will act as a technologist within the audit function, leveraging AI and data science to automate control environments while ensuring the digital backbone of our global operations—including Manufacturing and M&A integrations—remains secure, compliant, and efficient.

Individual contributor with significant leadership and cross‑functional influence.

• AI‑Enabled Control Testing:
  Architect and implement AI/Machine Learning models to transition from manual sample‑based testing to 100% population testing.
• Annual SOX Audit:
  Lead SOX IT control design and operating effectiveness including identification of gaps, operating deficiencies, remediation plan and partnership with process owners to optimize control environment.
• Audit Workflow Automation:
  Leverage Generative AI and Robotic Process Automation (RPA) to automate the documentation of walkthroughs, drafting of audit reports, and the mapping of controls to regulatory frameworks.
• Continuous Control Monitoring (CCM):
  Partner with IT to build real‑time dashboards that monitor key risk indicators (KRIs), moving the department toward a "continuous audit" model.
• Predictive Risk Insights:
  Use data signals to identify emerging risks in the Quote‑to‑Cash and Manufacturing cycles before they manifest as material weaknesses.
• Lead the development of automated risk‑sensing capabilities and Key Risk Indicators (KRIs) within the ERM framework, leveraging data analytics to provide real‑time assurance over tech‑stack dependencies and third‑party vendor ecosystems.

• Automated Control Testing:
  Review the automated controls within core value streams such as Quote‑to‑Cash (Q2C) and Procure‑to‑Pay (P2P) to ensure data integrity and system reliability.
• Annual SOX Audit:
  Lead SOX control design and operating effectiveness including ITGC’s, identification of gaps, operating deficiencies, remediation plan and partnership with process owners to optimize control environment.
• SDLC & Implementation:
  Perform pre‑ and post‑implementation reviews for major system upgrades or ERP deployments to prevent "go‑live" control failures.

• IT Due Diligence:
  Lead IT‑focused risk assessments for business combinations, evaluating the target company’s security posture and control maturity.
• Post‑Merger Integration (PMI):
  Direct the integration of acquired entities into the corporate Internal Control Framework (COSO), managing the risks associated with data migration and system cutovers.

• ITGC Ownership:
  Lead the testing of IT General Controls (ITGC) and IT Application Controls (ITAC) for SOX 404 compliance.
• Regulatory Standards:
  Ensure IT systems meet stringent government contracting standards, including NIST 800‑171, CMMC, and FAR/DFARS requirements.

• Education:
  
  Bachelor’s degree in Management Information Systems (MIS), Computer Science, or Accounting.
• Experience:
  
  8–10+ years of progressive experience in IT Audit, IT Risk, or Cyber Consulting (Big 4 or large‑scale complex corporate environments preferred).

• Certifications:
  
  CISA required. CISSP, CRISC, or CISM highly preferred.
• Framework Mastery:
  Deep understanding of COBIT, NIST, ISO 27001, and the COSO Internal Control Framework.
• Influencing Without Authority:
  Exceptional "executive presence" with the ability to translate complex "tech‑speak" into…