Companies you'll love to work for


Senior Auditor, IT Audit & Data Analytics



IT, Data Science
Mexico City, Mexico
Posted on Saturday, September 2, 2023

Blend is a diverse team of problem solvers who believe that the world’s financial resources should be more accessible. Our cloud banking platform is used by Wells Fargo, U.S. Bank, and over 330 other financial services firms to acquire more customers, increase productivity, and deliver end-to-end digital experiences. Our software enables our customers to process an average of more than $5 billion in loans per day, making it possible for consumers to reach their financial goals faster and lead better lives. Come do work that matters.

As a Senior Auditor - Information Technology (IT) Audit & Data Analytics on our Internal Audit & Enterprise Risk Management team, you will be focused on IT audits of cloud-based and custom developed systems, SOX 404 testing, as well as Enterprise Risk Management (ERM) and Fraud Risk Assessment (FRA) activities. This role helps the company to accomplish its objectives and improve IT operations through an independent and objective assurance and advisory approach designed to add value. You will report to the Manager/Senior Manager - IT Audit & Data Analytics, and will work with various business & IT partners. Specifically, this role is responsible for assisting the Manager/Sr. Mgr. in planning IT audits in all areas of IT, Information Security and Privacy, conducting fieldwork (executing, documenting and interpreting testing), and preparing draft audit findings for reporting to senior management. This role will also administer the SOX tool, AuditBoard’s SOXHub. The IT Audit & Data Analytics team works closely with the Business Process audit team; the entire IA team will utilize data analytics/visualizations and automation technologies (Robotic Process Automation/RPA, Generative AI, etc.). The IT Audit & Data Analytics team will serve as a “center of excellence” for data analytics, visualization, and adoption of emerging technologies.

The ideal candidate is an ex-Big 4, highly motivated self-starter with prior experience in IT Internal Audits, Enterprise Risk Management, and SOX in the Fintech or Software industry who has superior written and oral communication skills, takes pride in the accuracy and timeliness of their work and is used to working as part of a remote team and collaborating with business partners in offshore locations such as India and Mexico.

How you'll contribute:

  • Assist in planning and conducting IT internal audit projects in accordance with the Institute of Internal Auditors (IIA) professional practice standards
  • Assist the Manager/Sr. Mgr. with administrative coordination/project management of SOX 404 ITGC testing, annual IA IT audit plan and Enterprise Risk Assessment, based on defined timelines and budgets
  • Contribute to the identification and assessment of IT risks
  • Contribute to ongoing development of the ERM, Fraud Risk Management programs
  • Perform interviews with stakeholders, take accurate notes
  • Schedule meetings, request documents from business partners
  • Obtain, analyze and evaluate existing documentation, previous reports, data, flowcharts
    Document processes in concise narratives, as applicable
  • Develop process flowcharts and data flow diagrams
  • Evaluate internal controls design and operating effectiveness
  • Evaluate compliance with policies and procedures
  • Perform work within the budget and manage tasks accurately based on timeline
    Develop audit test procedures when needed
  • Perform Test of Design (TOD) and Test of Effectiveness (TOE) based on pre-existing audit program, re-test remediated controls to determine if the control gap was successfully remediated
  • Perform and incorporate data analysis and visualizations in audit planning, workpaper support, final reports
  • Prepare clear, concise, accurate, logical, and detailed workpapers for work performed and conclusions reached; document these according to professional practice standards
  • Identify and research issues with supported analysis and propose solutions
  • Explain complex, technical and/or sensitive information in a straightforward manner
  • Provide meaningful recommendations to improve policies/ procedures/ systems/ processes and address root causes of ineffective or inefficient controls
  • Work with business partners to address control gaps and monitor action plans
  • Exercise judgment and discretion related to conducting audit work
  • Participate in special projects as assigned by Internal Audit management
    Promote an ethical and risk-aware culture at the company
  • Maintain knowledge of the business of Blend Platform and Title365, including the underlying technologies
  • Maintain knowledge of generally accepted auditing and accounting standards and maintain professional certifications (e.g., CIA, CISA, CISSP)
  • Perform system administration activities for the SOXHub application (user provisioning, de-provisioning, workstream tasks, issues management, controls audits to ensure completeness of fields, optimize functionality and participate in vendor webcasts and meetings such as “health checks” to facilitate Blend adopting all available functionality


  • Bachelor's Degree in a business or technology discipline
  • Big 4 (Deloitte, EY, KPMG, PwC) Advisory or Assurance background
  • Strong understanding of business & IT operations processes for a software company
  • Strong understanding of Software as a Service (SAAS)/Platform as a Service (PAAS)
  • Strong business judgment that enables issue identification and appropriate escalation
  • Strong critical thinking, analytical and investigative skills
  • Strong project and time management skills
  • Ability to effectively juggle multiple projects and keep Manager/Sr. Mgr. informed
  • Ability to think independently, take ownership, and drive initiatives to resolution
  • Ability to provide meaningful recommendations to improve policies, procedures, systems, processes; as well as to address root causes of ineffective/inefficient controls
  • Ability to explain complex and/or sensitive information in a straightforward manner
  • Ability to manage stakeholders in a service oriented, problem-solving, practical mindset
  • Strong rapport and relationship building skills to collaborate and positively influence partnerships across the company
  • Proactive and self-initiating work style
  • Integrity, openness, and transparency
  • Intellectual curiosity
  • Critical thinker, ability to identify root cause of issues

Who you are:

  • Minimum of 3 years experience in IT audit, including Data Analytics
  • Experience working as part of a remote team
  • Work collaboratively with partners to address control gaps, monitor action plans
  • Prior experience obtaining, analyzing and evaluating existing documentation, previous reports, data, flowcharts
  • Prior experience developing process flowcharts and data flow diagrams from scratch
  • Prior experience documenting processes in concise narratives
  • Prior experience performing interviews and taking accurate notes for audit workpapers
  • Prior experience developing audit test procedures from scratch based on objectives
  • Prior experience executing SOX 404 ITGC and IT audit testing according to defined budgets and timelines, including administrative tasks such as meeting coordination/scheduling and requesting documents
  • Prior experience incorporating data analysis / data analytics (including the use of SQL-based tools) & AI tools and techniques in audit planning, testing, workpaper support and final reports
  • Prior experience preparing clear, concise, accurate, logical, and detailed workpapers for work performed and conclusions reached
  • Prior experience determining root causes for control deficiencies
  • Prior experience identifying and researching issues with supported analysis, and proposing actionable/practical solutions, drafting audit reports
  • Prior experience working with IPE (Information Provided by Entity) and testing the completeness and accuracy of key reports and spreadsheets
  • Prior experience assisting control owners in completing SOC (Service Organization Control) Report reviews for SOC1, including controls mapping and mapping of Complementary End User Computing Controls
  • Experience leveraging Robotic Process Automation (RPA) and AI technology
  • Experience with Visio, SOXHub, NetSuite, Workday HCM, Salesforce, Slack, GSuite
  • Experience with auditing cloud-based, open-source systems & tools
  • Experience with auditing Agile IT
  • Experience with SOC, ISO, PCI frameworks
  • Excellent written English communication skills: clear, concise, professional


  • Required: Certified Information Systems Auditor (CISA)
  • Optional: Certified Fraud Examiner (CFE), Certificate in Risk Management Assurance (CRMA), Project Management Professional (PMP), Certified Information Systems Security Professional (CISSP)

Blend is an equal opportunity employer that values diversity, inclusion and belonging. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity or expression, sexual orientation, age, marital status, veteran status, disability status, or any other characteristic protected by law. We will consider for employment all qualified applicants with arrest and conviction records in a manner consistent with applicable laws.