TWO ROLES - IT SOX Manager and IT Operational Audit Manager in San Diego, CA at Vaco

Date Posted: 9/16/2020

Job Snapshot

  • Location:
    San Diego, CA
  • Experience:
    At least 6 year(s)

Job Description

TWO ROLES - IT SOX Manager and IT Operational Audit Manager

Instead of being another faceless resume, let Vaco advocate for you. At Vaco, we give you an advantage over your competition! Our recruiters have direct relationships with hiring managers, so they can connect your work experience to the open job, promoting your strengths to the manager while preparing you for that specific interview.

Our recruiters will provide you with great insight about trends in the market, keeping you up to date on compensation expectations, company culture and growth opportunities. If your background is in accounting, and you want to partner with the best, apply today!

Qualifications for an IT Audit SOX Manager:

  • 6+ years' experience in Big 4 public accounting and/or in industry, with a minimum of 3 years as a supervisor leading a SOX program
  • Bachelor's in Information Systems, Computer Science, or similar degree
  • Demonstrated knowledge of technology risks, including direct experience evaluating the effectiveness of cybersecurity, privacy and engineering controls
  • Working knowledge of information technology best practices and control frameworks such as NIST CSF, ISO 27001 and COBIT
  • CISA, CISM and/or CISSP preferred
  • Compliance and regulatory knowledge in the technology and software industry. ISO 27001, PCI, NIST and/or SOC 2 experience preferred

Responsibilities for IT SOX role:

  • Design, lead and execute audit programs, including security and privacy audits, operational process reviews, system implementation reviews, application and other IT-related risk areas
  • Guide the planning, scoping and execution of audits primarily in areas associated with technology and technology-related risks (e.g. cybersecurity, privacy, and business resilience), including reviews of new and enhanced products and supporting systems, process changes and system implementations
  • Work with Security and Privacy teams to understand the information security and privacy risk profile and use this knowledge for audit planning and execution.
  • Partner with security and engineering teams to lead, manage and contribute to the ISO 27001 certification internal audit phase.
  • Lead the report drafting process including framing of audit observations within the relevant business context, formulation of practical recommendations that balance stakeholder needs, and development of useful insights for management.

Responsibilities for IT Operational Audit role:

  • Oversee execution of technical audits and audit activities, including ISO 27001, PCI, SOX and SOC 2 Type II assessments of SBG offerings, along with other frameworks as needed
  • Coordinate responses to security assessments from customers and business partners
  • Provide input on multi-year, multi-group, cross-program strategy and roadmaps