Auditor II - IT

Be part of an amazing story

Macy’s is more than just a store. We’re a story. One that’s captured the hearts and minds of America for more than 160 years. A story about innovations and traditions…about inspiring stores and irresistible products…about the excitement of the Macy’s 4th of July Fireworks, and the wonder of the Thanksgiving Day Parade. We’ve been part of memorable moments and milestones for countless customers and colleagues. Those stories are part of what makes this such a special place to work.

Job Overview

The Internal Auditor II - IT performs audits and advisory reviews that assess risk, evaluate policies and procedures, and test controls across Information Technology Operations, Security, and Compliance functions.

What You Will Do

• Contribute to engagement planning by recommending methodologies and approaches based on independent research, prior-year workpapers, process flowcharts, industry frameworks, and past audit reports.
• Conduct interviews with process and business owners across all levels of the organization to identify key risks, areas of concern, and expected internal controls. Independently execute audit tests to evaluate the adequacy and effectiveness of technology processes, policies, and controls. Identify gaps and key risks, develop corrective action recommendations, and assess the adequacy of management’s proposed solutions.
• Perform comprehensive analysis of information gathered through interviews and document reviews, demonstrating professional skepticism and conducting appropriate follow-up.
• Present and validate initial audit findings and related corrective actions with process and business owners at various organizational levels.
• Document assessments and test results in accordance with departmental and Institute of Internal Auditors (IIA) standards, meeting established deadlines. Prepare clear, well-supported audit findings and apply sound judgment in recommending corrective actions.
• Provide on-the-job training and technical guidance to Auditor I team members to support their development and performance.
• Complete required engagement responsibilities to ensure compliance with professional standards, including workpaper self-reviews, timely audit file close-out, and resolution of supervisory review comments.
• Plan, manage, and supervise audit and advisory engagements when serving as Auditor-In-Charge (AIC).
• Conduct Internal Quality Assessment (IQA) reviews of selected audits and advisory engagements to ensure compliance with departmental and IIA standards.
• Perform independent research and participate in industry training to enhance technical expertise and stay current on IT and security trends.
• Foster an environment of acceptance and respect that strengthens relationships, and ensures authentic connections with colleagues, customers, and communities.
• In addition to the essential duties mentioned above, other duties may be assigned.
  
  

Skills You Will Need

Risk-Based IT Auditing & Control Frameworks: Strong knowledge of risk-based IT auditing in dynamic environments, with the ability to apply established control frameworks (e.g., COBIT, PCI, FFIEC) to assess IT Operations, Security, and Compliance risks and evaluate control effectiveness.

Analytical Thinking & Problem Solving: Advanced ability to analyze complex technology processes, identify control gaps and root causes, and evaluate the overall control environment using sound judgment and professional skepticism.

Audit Execution & Quality Assurance: Proven ability to independently plan and execute audit and advisory engagements, document findings in accordance with IIA standards, and deliver clear, well-supported recommendations that strengthen internal controls.

Stakeholder Engagement & Communication: Excellent written and verbal communication skills, with the ability to conduct effective interviews, present audit findings to stakeholders at all levels, and influence alignment on corrective actions.

Project Leadership & Accountability: Ability to manage and supervise audit engagements when serving as In-Charge, prioritize multiple assignments, meet deadlines, and operate with a high degree of independence, drive, and initiative.

Regulatory & IT Security Acumen: Working knowledge of IT operations, cybersecurity principles, compliance requirements, and emerging technology risks, with the ability to stay current on industry trends and evolving risk landscapes.

Learning Agility & Continuous Improvement: Strong aptitude for quickly understanding business processes and technology environments, pursuing ongoing professional development, and enhancing audit methodologies through independent research and training.

Who You Are

• Candidates with a Bachelor’s degree or equivalent work experience in a related field are encouraged to apply. CISA or CISSP certification preferred.
• 3 plus years of relevant prior work experience required in either an IT audit capacity or related IT industry.
• Regularly required to sit, talk, hear; use hands/fingers to touch, handle, and feel. Occasionally required to move about the workplace and reach with hands and arms. Requires close vision.
• Able to work a flexible schedule based on department and company needs. Able to travel 10-20%.
  
  

What We Can Offer You

Join a team where work is as rewarding as it is fun! We offer a dynamic, inclusive environment with competitive pay and benefits. Enjoy comprehensive health and wellness coverage and a 401(k) match to invest in your future. Prioritize your well-being with paid time off and eight paid holidays. Grow your career with continuous learning and leadership development. Plus, build community by joining one of our Colleague Resource Groups and make a difference through our volunteer opportunities.

Some Additional Benefits We Offer Include

• Merchandise discounts
• Performance-based incentives
• Annual merit review
• Employee Assistance Program with mental health counseling and legal/financial advice
• Tuition reimbursement
  
  

Access the full menu of benefits offerings here.

About Us

This is a great time to join Macy’s! Whether you’re helping a customer find the perfect gift, streamlining operations in one of our distribution centers, enhancing our online shopping experience, buying in-style and on-trend merchandise to outfit our customers, or designing a balloon for the Thanksgiving Day Parade, we offer unique opportunities to be part of some of the most memorable moments in people’s lives.

Join us and help write the next chapter in our story - apply today!

This job description is not all-inclusive. Macy's, Inc. reserves the right to amend this job description at any time. Macy's, Inc. is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.

LEGALRE00

This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Additional benefit details are available at macysJOBS.com.