Welcome page Returning Candidate? Log back in! IT Internal Audit Lead Job Locations US-KY-LOUISVILLE ID 2026-188502 Line of Business BrightSpring Health Services Position Type Full-Time Our Company

BrightSpring Health Services

Overview

The IT Internal Audit Lead supports the execution of the SOX 404 program with a focus on IT risks and controls and independently performs risk‑based IT and technology‑enabled audits. This role partners with IT and business stakeholders, co‑sourced providers, and other assurance functions to deliver timely, high‑quality assurance and actionable insights related to systems, applications, and data. As the Internal Audit function continues to mature and expand, this role is expected to grow in breadth and scope, taking on increasing responsibility across IT audit coverage, emerging technology risks, and assurance coordination.

Responsibilities The IT Internal Audit Lead works with the Vice President of Internal Audit, IT leadership, and business stakeholders to execute the Company’s internal audit plan, with emphasis on IT risk and controlsFosters relationships with IT and business personnel at appropriate levels and serve as a subject matter expert for IT control design, system access, change management, data integrity, and documentation standardsConsistently deliver high‑quality IT internal audit services in accordance with applicable professional standards (IIA, ISACA)Contributes to the annual audit plan and periodic risk updates, partnering with other assurance providers to coordinate activities and enhance overall assurance coverage across IT risksIndependently plan and execute risk‑based IT and technology‑enabled audits, including defining objectives and scope, developing test procedures, performing fieldwork, synthesizing findings, assessing impact, and recommending practical, actionable remediationDrives high‑quality work products within expected time frames and budgetCoordinates multiple concurrent projects and proactively manage stakeholder expectations related to service delivery and timelinesStays abreast of current technology, cybersecurity, and industry risk trendsPerforms other duties as assignedSupports execution of the SOX 404 program related to IT General Controls (ITGCs), automated application controls, and system‑dependent controls, coordinating closely with third‑party service providersFacilitates and lead IT SOX walkthroughs and design effectiveness assessments, including evaluation of:logical access controls,change management,IT operations,system interfaces, andIT‑dependent manual controls and IPE completeness and accuracyOversee and review co‑sourced operating effectiveness testing of IT controls, ensuring testing approaches, evidence, and conclusions meet Internal Audit standards and support external auditor reliancePerform operating effectiveness testing as needed, validate system‑generated evidence, and ensure conclusions are supportable, clearly documented, and audit‑readyProvide day‑to‑day oversight and project management of co‑sourced resources supporting SOX IT and IT audit engagements, including coordinating scope, timelines, deliverables, and reviewing workpapers for quality and consistencyServe as one of the primary points of contact for assigned co‑source engagements, facilitating communication, resolving issues, and escalating risks or delivery concerns as appropriateIndependently manage and execute assigned IT audit engagements end‑to‑end, while balancing oversight responsibilities and ensuring alignment with Internal Audit standards and expectationsSupervisory Responsibility: Yes Qualifications Bachelor’s degree in Information Systems, Computer Science, Accounting, Finance, or a related field.5–7+ years of experience in Internal Audit, IT Audit, or external audit (Big 4 or national firm strongly preferred), with substantial:SOX ITGC ownership, andhands on IT audit or technology risk assessment experience.Experience auditing ERP environments (e.g., SAP, Oracle), key business applications, and supporting infrastructure preferred.Industry experience in healthcare, provider services, pharmacy services, or other regulated environments preferred.CISA strongly preferred; CIA or CPA a plusStrong knowledge of ITGCs, SOX/PCAOB expectations, COSO, COBIT, and IIA/ISACA standards.Experience evaluating IT dependent manual controls, automated controls, system interfaces, and reports used as IPE.Proficiency with audit management platforms (e.g., Workiva, AuditBoard, TeamMate).Strong analytical and data evaluation skills; familiarity with data analytics or continuous auditing concepts is a plus.Excellent written and verbal communication skills, with the ability to explain technical concepts to non technical stakeholders.Percentage of Travel: 0-25%

**To perform this role will require frequently sitting and typing on a keyboard with fingers, and occasionally standing, walking, and climbing (stairs/ladders). The physical requirements will be the ability to push/pull and lift/carry 1-10 lbs**

About our Line of Business BrightSpring Health Services provides complementary home- and community-based pharmacy and provider health solutions for complex populations in need of specialized and/or chronic care. Through the Company’s service lines, including pharmacy, home health care and rehabilitation, we provide comprehensive and more integrated care and clinical solutions in all 50 states to over 450,000 customers, clients and patients daily. BrightSpring has consistently demonstrated strong and industry-leading quality metrics across its services lines, while improving the health and quality of life for high-need individuals and reducing overall healthcare system costs. For more information, please visit www.brightspringhealth.com. Follow us on Facebook, LinkedIn, and X.