Senior Manager, Info Tech, Internal Audit

Senior Manager, Info Tech, Internal Audit

What you'll do

Leads audit plan development for Information Security Audit engagements by identifying the technology behind the business process subject of the audit; identifying cyber risks threatening accomplishment of process objectives; determining the severity risks with regard to likelihood of occurrence and business impact; developing audit tests to assess the effectiveness of controls; employing data analytics technologies; assigning associates to execute portions of the technical audit plan.

Designing and developing strategies and tools to enhance audit efficiency and effectiveness leveraging IT industry expertise; applying relevant information security frameworks and best practices (for example ISO 27001/2, NIST, COBIT, OWASP Top 10, etc.) in areas of high complexity and emerging technologies.

Provides subject matter expertise in information security by ensuring comprehensive approaches to multiple audit projects; identifying IT audit work programs and control testing processes; developing and delivering training to internal and external teams; and reviewing technical aspects of audit projects.

Demonstrates ability to discuss and understand information security issues in areas such as vulnerability assessment, penetration testing, identity and access management, web application security, secure network architecture, data protection and internet networking in general (i.e. TCP/IP, DNS, routing, etc.)

Drives project deliverable completion by reviewing and overseeing the completion of audit workpapers, approving the severity and disposition of identified control weaknesses; reviewing compensating controls and offering recommendations on mitigation effectiveness; ensuring solution proposal, communication protocol, and communication effectiveness; leading closing conferences; and managing the follow up on remediation issues.

Leads technical functions to support information security audits by coordinating with process owners to identify and test controls; validating process documentation; analyzing IT and business information to identify improvement opportunities; working with the company's external auditors to ensure testing of regulatory compliance controls (Sarbanes-Oxley IT General Controls program); determining the technical components to be evaluated as a result of business compliance requirement and testing methods; and building foundations for aligning approach and technical scope with the company's external auditors. Maintains and advances industry expertise by reviewing new technologies; and participating in continuing education and training (for example, relevant industry certifications, forums).

Minimum Qualifications

Bachelor’s degree in Management of Information Systems or other Information Technology-related field.
8 plus years of experience in information security with internal audit emphasis preferred
2 years of supervisory experience.
Information systems certification or licensure (for example, Certified Information Systems Security Professional (CISSP), Certified Information System Auditor (CISA), Certified Information Systems Manager (CISM)).

Additional Qualifications

Additional Preferred Qualifications
CISA, CISSP, CISM, or CPA
Experience in performing technical assessments and audits of networks, operating systems, databases, application security, and IT processes.
Knowledge of SOX and understanding of compliance standards: SOC, ISO, HIPAA, and PCI
Ability to navigate through ambiguity, manage and coordinate multiple project assignments and manage multiple teams simultaneously in a fast-paced, deadline-driven environment.
Ability to accept ownership and accountability of the process and deliver on commitments.
Leadership skills (i.e. ability to take charge, has confidence to interact with all levels, can set objectives, will drive results and is a team player), excellent communication and interpersonal skills with the ability to work with teams cross-functionally.
Walmart Associate
"I feel like my manager wants to help me become a better developer and a better person overall."
— Roel, Program Analyst

Hello, Silicon Valley

You don’t have to choose between your career and your lifestyle. In Silicon Valley, you can have both.

Discover Silicon Valley
Silicon Valley
View of Silicon Valley from the hills after a passing storm

All the benefits you need for you and your family

  • Multiple health plan options
  • Vision & dental plans for you & dependents
  • Associate discounts in-store and online
  • Financial benefits including 401(k), stock purchase plans and more
  • Education assistance for Associate and dependents

Recently viewed jobs