Are you collaborative, self-motivated, and seek opportunities for innovation and continuous improvement?  Do you listen with intent to understand problems and provide valuable business insights and impactful solutions? Do you enjoy a variety of work at a company that has a strong mission, purpose and values? 

Great! Keep reading to learn more about joining our CarMax Audit Services team as Senior Technology Auditor. 

This role will broadly support the CarMax Audit Services team through the development and execution of the department’s audit plan.  This is a unique opportunity to build a strong understanding of CarMax’s business processes and technology, as well as partner with teams throughout the organization in both an audit and advisory role.  The variety of work provides ample opportunity to learn and grow and includes reviews of technology processes, applications, and infrastructure; system implementations; operational audits and reviews of processes, policies and procedures; and aspects of the annual SOX 404 audit. 

Essential Responsibilities

As a Senior Auditor – Technology, you’ll wear many hats such as thought leader, risk champion and advisor, project manager, coach, and brand ambassador.  In all instances, you’ll leverage your expertise to deliver exceptional business partner experiences as well as enhance awareness and understanding of risk, controls, and risk mitigation best practices.  Here are a few of the ways you’ll drive value at CarMax:

Provide assurance:  Perform and lead audits and reviews of various regulatory, operational and/or technological processes and controls, including integrated audits and the annual SOX IT audit.

Collaborate as a trusted Risk Advisor: Consult with a risk-based mindset to provide guidance and assurance in pre-implementation reviews, company initiatives, and other process and system enhancements as requested by the business; ensure controls are implemented to mitigate risks (operational, regulatory, reputational, strategic, and financial risk)

For each of the above, you will:

• Use and develop critical tools such as risk assessments, audit programs, and testing/review procedures so you can identify risk, tailor work appropriately, reach conclusions, and explore solutions.

• Lead and execute fieldwork to prepare high-quality workpapers summarizing procedures performed.

• Maintain strong business relationships and coordinate cross-functionality to align on risk, scope of work and results.

• Promote innovative and forward-looking problem solving to target root cause; provide recommendations contributing to operational excellence.

• Leverage your creativity to organize and present key project information through a variety of communication methods and tools, focusing on high-impact, high-value deliverables.

You will also foster an environment of continuous improvement by:

• Championing a culture of risk awareness and internal controls.  You will provide innovative and value-added insights to drive improved process efficiency and effectiveness for CarMax.

• Staying abreast of key changes, trends, and best practices within CarMax, the audit profession, the technology industry, and relevant regulatory environment.

• Helping lead department initiatives to identify efficiencies and improvements in work execution and internal processes.

Work Location and Arrangement: This role will be based out of the CarMax Home Office in Richmond, VA.  Associates based in Richmond work onsite 5 days per week.  

Work Authorization:? Applicants must be currently authorized to work in the United States on a full-time basis.?Sponsorship will not be considered for this specific role.? 

Qualifications and Requirements

• You are genuinely inquisitive.  You want to understand key components of a process and you leverage the right questions and tools to absorb and analyze facts, identify problems, and recommend improvements. 

• You’re organized.  You have a knack for planning and execution – from the initial identification of objectives to structuring a work plan for execution.  This sets you up for success when managing multiple projects concurrently to meet deadlines and deliver on customer commitments.

• You communicate clearly and effectively – both in written and verbal scenarios.  Not only does this help you effectively convey your message in various settings, but it also helps showcase your subject matter expertise and drive consensus in decision-making.

• And if all of that was not enough, you also model and encourage teamwork, inclusion, and diverse viewpoints.  These leadership traits allow you to motivate and persuade others (including associates in Audit Services and business partners across the organization), even without authority.

Additional skills and experience you bring to the table:

• Bachelors degree, preferably in Computer Science, Accounting Information Systems, Accounting/Finance, or other related business field

• 4+ years of information systems auditing experience or other relevant work experience in an IT internal audit or other IT risk/compliance/consulting function

• Detailed knowledge and testing experience with IT general controls (“ITGCs”) across all layers of technology to include the application, operating system, and database

• Understanding of traditional and emerging technology domains, including cybersecurity, cloud, artificial intelligence, infrastructure, networking, data warehouses, integration strategies, IT operations, IT risk management, and IT governance

• Technical skills and capabilities to support audits of complex technology areas and a desire to learn and develop knowledge of CarMax’s technology suite, tools etc. (e.g. ERPs, custom applications, security and coding tools, SQL scripting, database structure design, robotic process automation)

• Prior experience:

• Performing risk assessments, scoping activities, test planning, and walkthroughs in support of IT audit projects

• Assessing the design and operating effectiveness of technology controls, including testing complex ITGCs across a variety of technologies/systems

• Testing configurable and automated controls in support of business and technology processes

• Testing completeness and accuracy of reports and integrations

• Evaluating processes to identify controls and the associated system dependencies

• Performing system development and implementation reviews, including experience with Agile methodologies

Skills and experience preferred:

• SOX 404

• Experience with tools and technologies to facilitate fieldwork and data analysis (SQL, Alteryx, Python, etc.)

• Use of robotic process automation (RPA) and artificial intelligence (AI) to enhance audit efficiency, improve risk detection, and deliver actionable insights

• Retail industry and/ or financial services knowledge; preferably within a publicly held company

• Certified Information Systems Auditor (CISA) or Certified in Risk and Information Systems Control (CRISC)

About CarMax

CarMax disrupted the auto industry by delivering the honest, transparent and high-integrity experience customers want and deserve. This innovative thinking around the way cars are bought and sold has helped us become the nation’s largest retailer of used cars, with over 200 locations nationwide.

Our amazing team of more than 25,000 associates work together to deliver iconic customer experiences. Along the way, we help every associate grow their career and achieve their best, at work and in their community.  We are recognized for our commitment to training and diversity and are one of the FORTUNE 100 Best Companies to Work For®.

CarMax is an equal opportunity employer, and all qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, protected veteran status, disability status, or any other characteristic protected by law.