Senior Manager, Info Tech, Internal Audit
- Location SAN BRUNO, CA
- Department Technology & Software Development
- Team Information Technology
- Employment Type -
- Position -
- Requisition 784060BR
What you'll doLeads audit plan development for Information Security Audit engagements by identifying the technology behind the business process subject of the audit; identifying cyber risks threatening accomplishment of process objectives; determining the severity risks with regard to likelihood of occurrence and business impact; developing audit tests to assess the effectiveness of controls; employing data analytics technologies; assigning associates to execute portions of the technical audit plan.
Designing and developing strategies and tools to enhance audit efficiency and effectiveness leveraging IT industry expertise; applying relevant information security frameworks and best practices (for example ISO 27001/2, NIST, COBIT, OWASP Top 10, etc.) in areas of high complexity and emerging technologies.
Provides subject matter expertise in information security by ensuring comprehensive approaches to multiple audit projects; identifying IT audit work programs and control testing processes; developing and delivering training to internal and external teams; and reviewing technical aspects of audit projects.
Demonstrates ability to discuss and understand information security issues in areas such as vulnerability assessment, penetration testing, identity and access management, web application security, secure network architecture, data protection and internet networking in general (i.e. TCP/IP, DNS, routing, etc.)
Drives project deliverable completion by reviewing and overseeing the completion of audit workpapers, approving the severity and disposition of identified control weaknesses; reviewing compensating controls and offering recommendations on mitigation effectiveness; ensuring solution proposal, communication protocol, and communication effectiveness; leading closing conferences; and managing the follow up on remediation issues.
Leads technical functions to support information security audits by coordinating with process owners to identify and test controls; validating process documentation; analyzing IT and business information to identify improvement opportunities; working with the company's external auditors to ensure testing of regulatory compliance controls (Sarbanes-Oxley IT General Controls program); determining the technical components to be evaluated as a result of business compliance requirement and testing methods; and building foundations for aligning approach and technical scope with the company's external auditors. Maintains and advances industry expertise by reviewing new technologies; and participating in continuing education and training (for example, relevant industry certifications, forums).
8 plus years of experience in information security with internal audit emphasis preferred
2 years of supervisory experience.
Information systems certification or licensure (for example, Certified Information Systems Security Professional (CISSP), Certified Information System Auditor (CISA), Certified Information Systems Manager (CISM)).
CISA, CISSP, CISM, or CPA
Experience in performing technical assessments and audits of networks, operating systems, databases, application security, and IT processes.
Knowledge of SOX and understanding of compliance standards: SOC, ISO, HIPAA, and PCI
Ability to navigate through ambiguity, manage and coordinate multiple project assignments and manage multiple teams simultaneously in a fast-paced, deadline-driven environment.
Ability to accept ownership and accountability of the process and deliver on commitments.
Leadership skills (i.e. ability to take charge, has confidence to interact with all levels, can set objectives, will drive results and is a team player), excellent communication and interpersonal skills with the ability to work with teams cross-functionally.
"I feel like my manager wants to help me become a better developer and a better person overall."
Hello, Silicon Valley
You don’t have to choose between your career and your lifestyle. In Silicon Valley, you can have both.Discover Silicon Valley
Fioli Gardens, Woodside
View an art exhibit, take a nature hike, explore the historic Filoli House, or take a class at this gorgeous 654–acre property.
Get your art fix at this internationally recognized collection of over 30,000 works of modern and contemporary art.
Computer History Museum
Large-scale exhibits, an acclaimed speaker series, docent-led tours and an award-winning education program bring computer history to life.
Hike or jog throughout the year on terrain dedicated to academic programs, environmental restoration and habitat conservation.
Golden Gate Park, SF
Events, attractions, meadows, lakes, and a Japanese Tea Garden provide for a true escape, without leaving the city.
The Tech Museum
This family-friendly interactive science and technology center in San Jose provides a glimpse into the most inventive place on Earth — Silicon Valley.
Santana Row - San Jose
Stylish boutiques, world-class shopping, and delectable cuisine = a San Jose shopping trifecta.
Pacifica State Beach
Learn to surf or visit the “World’s Most Scenic Taco Bell” at this 0.75 mile long crescent shaped escape, a symbol of successful habitat restoration.
Golden Gate Cemetery
This national cemetery comprises 161 acres dedicated to all the members of the armed forces who served our country.
All the benefits you need for you and your family
- Multiple health plan options
- Vision & dental plans for you & dependents
- Associate discounts in-store and online
- Financial benefits including 401(k), stock purchase plans and more
- Education assistance for Associate and dependents