CareFirst Careers

Manager, IT Audit

Resp & Qualifications

The IT Audit Manager manages multiple audits concurrently and applies a broad range of general guidelines which require interpretation and application of professional judgment to a variety of specific circumstances encountered in highly technical IT audits. This position is also responsible for the planning, execution, and reporting of IT audits, including updating risk assessments, assessing the adequacy of controls, designing a risk-based audit plan, executing test scripts, analyzing results, drafting findings, and preparing audit reports, as well as the supervision, direction, evaluation and mentoring of audit staff specialists. Additionally, the role will oversee quality assurance activity, developing, implementing, and maintaining a system of quality for the IT organization's products and/or processes.


  • Manage the successful completion of IT Audits through the direction and oversight of staff.  Ensure that IT staff maintain audit evidence, reports, and files which adequately document planning, fieldwork, reporting, and the basis for conclusions/opinions of audit work performed.  Ensure compliance with departmental policies and procedures.  Consistently review all audits in progress to inform Director and senior management of IT audit team activities and progress.  Improves internal controls by recommending changes in IT policies and practices.

  • Develop and maintain communication with peers, the vice presidents of all departments and their direct reports, subsidiary associates, external auditors, and other associated personnel, ensuring all potential audit activities are identified, assessed for risk, and considered as part of the audit plan.  Seek opportunities to educate management and associates on the importance of risk mitigation and effective internal controls.  Ensure all senior management requests for audit are analyzed and appropriately addressed.  Participate as a member of committees that drive information security initiatives.

  • Maintain a high level of knowledge of technological changes, new technology, audit issues, and incorporate them into the audit plan, process and risk analysis.  Maintain an understanding of corporate IT objectives, both short and long term.  In a proactive manner, plan, initiate and maintain involvement in IT planning and execution.  Lead or participate in departmental IT initiatives.

  • Develops, implements and manages processes to ensure that products and processes meet required specifications for quality, function and reliability prior to delivery.

  • Identifies and analyzes issues, bugs, defects and other problems, particularly when problems recur in multiple products; recommends and facilitates solutions to these issues.

  • Cultivate and manage relationships with internal auditors; manage audit lifecycle for individual IT audits.

  • Define key performance indicators to provide benchmarks for measuring quality; drive business process reengineering and improvement.

  • Develop a Quality Assurance playbook with instructions and parameters for assessing outcomes and capturing valuable measurements.

This position manages people.


Education Level: Bachelor's Degree in Business, Information Technology, Finance or related field OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.

Experience: 5 years progressive IT or IT audit experience AND 1 year supervisory or demonstrated leadership experience.

Preferred Licenses/Certifications:

  • CISSP Certified Information Systems Security Professional
  • Certified Internal Auditor (CIA)  
  • Certified Information Systems Auditor (CISA)   
  • CISM - Certified Information Security Manager   
  • Certified Project Management Professional (PMP)-PMI  

Preferred Qualifications

  • Advanced degree
  • Healthcare insurance industry experience, CISA, CIA, CISM, CISSP, PMP.

Knowledge, Skills and Abilities (KSAs)

  • Excellent oral and written communication, presentation skills, facilitation skills and business process self-assessment techniques.
  • Ability to synthesize complex systems and financial auditing information into a format easily and completely understood by a diverse audience.
  • Knowledge and understanding of security risk management, IT security, and infrastructure. Knowledge of various auditing methods, practices, standards and procedures.
  • Must be able to effectively work in a fast-paced environment with frequently changing priorities, deadlines, and workloads that can be variable for long periods of time. Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.

Estimated Amount: 5% Travel to various CareFirst offices, vendor locations, training facilities.


Department: Client Technology Services - MD

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer.  It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply:

Federal Disc/Physical Demand

Note:  The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.


The associate is primarily seated while performing the duties of the position.  Occasional walking or standing is required.  The hands are regularly used to write, type, key and handle or feel small controls and objects.  The associate must frequently talk and hear.  Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship.

