Basic information
Job Name:
Senior Auditor, Internal Audit – Cyber & Technology
Location:
Washington, DC
Line of Business:
Finance
Job Function:
Investor Services
Date:
Thursday, May 14, 2026
Senior Auditor, Internal Audit - Cyber & Technology
The Carlyle Group
IT
Washington, USA
USD 110k-115k / year
Posted on May 15, 2026
Position Summary
Position Summary
Carlyle's Global Internal Audit & Advisory function delivers independent assurance and practical insights that strengthen risk management, internal controls, and business operations across one of the world's leading alternative asset managers. The team partners directly with the business and maintains rigorous independence while driving real impact.
The Senior Auditor, Internal Audit – Cyber and Technology, is a key member of the team and executes the audits in accordance with the annual audit plan, with approximately 70% of work focused on technology and cyber audits and 30% on process and compliance.
As a Senior Auditor, you'll be hands-on across all phases of the audit lifecycle, planning, walkthroughs, fieldwork, testing, and reporting, with a primary focus on technology and cyber risk. You'll interact with a broad range of stakeholders within Cybersecurity and Technology, as well as front, middle, and back office, gaining broad exposure to complex processes, systems, and platforms. This is not a checkbox audit role: you'll bring genuine curiosity, exercise professional judgment, and actively leverage AI tools to modernize how audit work gets done. You'll also support the annual risk assessment process and ongoing audit reporting, giving you visibility into how a world-class internal audit function operates from the ground up.
In-Office Requirement: 4 days a week
Responsibilities
Primary Responsibilities
Audit Execution
· Lead and execute all phases of audit engagements, planning, walkthroughs, fieldwork, testing, and reporting, using established methodologies and your own professional judgment.
· Conduct walkthroughs of technology-enabled business processes to map system flows, identify risks, and evaluate the design and operating effectiveness of controls.
· Obtain, analyze, and validate audit evidence; prepare clear process narratives, risk and control matrices, testing workpapers, and well-reasoned audit reports.
· Identify control deficiencies and execution gaps; document findings with precision, including root causes, impacts, and practical remediation guidance.
· Support issue tracking, remediation validation, and follow-up testing through to closure.
AI-Enabled Audit Work
· Apply AI-enabled tools to analyze full populations, surface trends and anomalies, accelerate documentation drafting, and sharpen audit conclusions.
· Design, refine, and systematize effective prompts that improve the quality, consistency, and efficiency of AI-assisted audit work across the team.
· Exercise sound professional judgment with AI and analytics outputs—validating results, understanding model limitations, and ensuring every conclusion is grounded in appropriate evidence.
· Identify and champion opportunities to enhance audit efficiency through data analytics, automation, and AI integration within existing processes.
Stakeholder Engagement and Other Activities
· Contribute to the annual risk assessment and audit planning process by bringing a point of view on emerging technology and cyber risks that shapes the forward-looking audit agenda.
· Support the preparation of Audit Committee and senior management reporting, translating audit results and trends into clear, executive-ready narratives.
· Serve as a credible point of contact for stakeholders across Cybersecurity, Technology, and front, middle, and back office, communicating findings, observations, and recommendations with clarity and confidence.
· Own assigned workstreams end-to-end: drive timelines, anticipate obstacles, and bring leadership solutions not just problems.
· Actively contribute to the continuous improvement of audit processes, methodology, and reporting by bringing ideas that make the function sharper over time.
Qualifications
Requirements
Education & Certificates
· Bachelor’s degree, required
· Concentration in Accounting, Finance, Business Administration, Information Systems, or a related field, preferred
· Masters degree and/or relevant certifications or progress toward certification (e.g., CISA, CPA, CIA), preferred
Professional Experience
· Minimum of 2-4 years of experience in internal audit, IT audit, risk advisory, or external audit, required
· Experience with a technology focus in financial services, alternative asset management, investment management, or similarly regulated industries, preferred
Competencies & Attributes
· Solid understanding of cybersecurity and technology domains, including, but not limited to, IAM, cybersecurity, data management, system operations, etc with the ability to connect technical risks to business impact.
· Experience with SOX compliance, including ITGC testing, documentation, remediation support, and coordination with external auditors.
· Comfortable evaluating business process controls in a publicly traded or similarly regulated environment.
· Proficient and confident working with large, complex data sets; familiarity with data analytics tools is a plus.
· Naturally curious and analytically rigorous, asks sharp questions, tests assumptions, and challenges conventional thinking to get to the real risk.
· AI- and data-forward, with a demonstrated ability to leverage analytics, automation, and emerging tools to deliver better audit outcomes.
· Clear and precise communicator with strong written and verbal skills, disciplined documentation, and a relentless focus on quality and timeliness.
· Thrives in dynamic environments, builds trust-based relationships with stakeholders, and brings the adaptability and collaborative instincts to make the people and function around them better.
Benefits/Compensation
The compensation range for this role is specific to Washington, DC and takes into account a wide range of factors including but not limited to the skill sets required/preferred; prior experience and training; licenses and/or certifications.
The anticipated base salary range for this role is $110,000 to $115,000.
In addition to the base salary, the hired professional will enjoy a comprehensive benefits package spanning retirement benefits, health insurance, life insurance and disability, paid time off, paid holidays, family planning benefits and various wellness programs. Additionally, the hired professional may also be eligible to participate in an annual discretionary incentive program, the award of which will be dependent on various factors, including, without limitation, individual and organizational performance.
Due to the high volume of candidates, please be advised that only candidates selected to interview will be contacted by Carlyle.
Company Information
The Carlyle Group (NASDAQ: CG) is a global investment firm with $475 billion of assets under management, across 678 investment vehicles as of March 31, 2026. Founded in 1987 in Washington, DC, Carlyle has grown into one of the world's largest and most successful investment firms, with more than 2,500 professionals operating in 28 offices in North America, Europe, the Middle East, Asia and Australia.
Carlyle’s purpose is to connect people, ideas, and capital to fuel growth for companies and performance for investors, which range from public and private pension funds to wealthy individuals and families to sovereign wealth funds, unions and corporations. Carlyle invests across three segments – Global Private Equity, Global Credit and Carlyle AlpInvest – and has deep expertise across industries, markets, and geographies.
At Carlyle, we believe that a wide spectrum of experiences and viewpoints drives performance and success. Our CEO, Harvey Schwartz, has stated that, "To build better businesses and create value for all of our stakeholders, we are focused on assembling leadership teams with the strongest insights from a range of perspectives." Reflecting this view, emphasis is placed on development, retention and inclusion through our internal processes and seven Employee Resource Groups (ERGs). We cultivate a culture where ideas are openly shared and challenged, connecting diverse expertise and perspectives to drive enduring value.