Senior Auditor, Technology - Global Audit & Enterprise Risk Management

This position is designated as a hybrid role based out of our headquarters near Portland, Oregon. The current expectation is for employees to work onsite four days per week, subject to change based on business needs. This in-office requirement may be adjusted at the discretion of the company.

OUTGROWN YOUR OWN BACKYARD? COME PLAY IN OURS.

At Columbia, we’re as passionate about the outdoors as you are. And while our gear is available worldwide, we’re proud to be based in the Pacific Northwest, where natural wonders are our playground.

Every product we make and every task we undertake is inspired by the famous words of our founder Gert Boyle: “It’s perfect. Now make it better.” As pioneers of relentless improvement, we are constantly evolving.

We believe the outdoors is ours to protect and strive to keep our planet healthy. We believe in empowering people to experience the outdoors to the fullest.

And we believe in you.

ABOUT THE POSITION

Global Audit & Enterprise Risk Management partners with leaders across the enterprise to protect and enhance company value through world-class risk management, audit, and advisory services.

As the Senior Auditor, you will play a critical role in assessing and strengthening Columbia’s cybersecurity and technology risk posture. This role is primarily focused on evaluating cybersecurity risks and controls, delivering independent and objective insights that help the business anticipate and mitigate evolving threats.

You will serve as a key resource across cybersecurity audits, control testing, and enterprise risk initiatives, partnering closely with technology teams to support secure innovation across cloud, digital commerce, and emerging technologies.

HOW YOU’LL MAKE A DIFFERENCE

• Deliver on Strong Cybersecurity Skillsets: Perform cybersecurity audits against core frameworks and collaborate with technical teams to deliver clear, actionable findings and recommendations.
• Technology Risk Assessment & Planning: Lead cybersecurity-focused risk assessments and contribute to audit planning to proactively identify and mitigate emerging cyber threats across global operations.
• Deliver High-Impact Audits: Execute audits with a primary focus on cybersecurity, including identity and access management, cloud security, data protection, IT governance, and system development.
• Enterprise Risk Management: Execute deep-dive testing and analysis of cybersecurity and enterprise technology risks, driving mitigation strategies aligned with business objectives.
• Evaluate Controls Against Best Practices: Assess cybersecurity controls against leading frameworks (NIST CSF, ISO 27001, COBIT, CIS Controls) to ensure resilience and effectiveness.
• Collaborate on Emerging Technology: Stay current on trends in AI, cloud, cybersecurity, and digital commerce risks, supporting safe and secure adoption of innovative technologies.
• Communicate with Impact: Deliver clear, concise, and impactful insights to leadership in a timely and effective manner.
• Uphold Company Values: Model a culture of accountability, collaboration, quality, and continuous improvement.
• Promote Integrity: Uphold Global Internal Audit Standards and promote a culture of integrity across the organization.

YOU ARE

• A cybersecurity-focused professional passionate about protecting digital ecosystems and managing evolving threats
• A strong analytical thinker who can translate complex technical risks into practical business insights
• A collaborative partner who builds effective relationships across audit, risk, and technology teams
• A clear and confident communicator who can influence stakeholders at multiple levels
• Curious and forward-looking, with a continuous learning mindset around emerging threats and technologies

YOU HAVE

• Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or related field; or business degree with significant IT risk experience
• 4+ years of progressive experience in cybersecurity audit, technology risk, or information security
• Strong, hands-on experience evaluating and testing cybersecurity controls and frameworks (NIST, ISO, CIS Controls; not just exposure)
• Experience performing cybersecurity audits in complex enterprise environments, including areas such as IAM, cloud security, or data protection
• Familiarity with operating systems, databases, cloud platforms, enterprise architecture, and digital commerce risk considerations
• Relevant certifications such as CISA, CISSP, CISM, CRISC, CEH, or CompTIA Security+

#LI-JD1

This job description is not meant to be an all-inclusive list of duties and responsibilities, but constitutes a general definition of the position's scope and function in the company. 

Columbia Sportswear Company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Columbia Sportswear is committed to working with and providing reasonable accommodation for individuals with disabilities. https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12.pdf. If you need reasonable accommodation because of a disability for any part of the employment process, please notify your recruiter.

At Columbia Sportswear Company, we’re proud to offer regular full-time employees a benefits package that includes a variety of services and products to help make your life and work more rewarding. Our benefit programs contribute to overall employee well-being by aligning those programs with the fundamental elements of well-being: physical, social/emotional, financial, career and community. Benefits that can protect your family’s financial future and help you save money through our 401k plan plus a generous company match. Columbia offers medical, dental, vision, life Insurance, disability, flexible spending accounts, health savings account, and an assortment of voluntary benefit offerings (accident, critical illness, hospital indemnity, and legal services). In addition, Columbia offers EAP + which is free and confidential 24/7/365 counseling services. We have extensive wellness benefits, employee discounts and a generous time off program available.

If you need an accommodation/adjustment to successfully complete and submit your application, please reach out to [email protected] with the Subject: Applicant Assistance Requested.