Technology Audit Manager
- San Francisco, CA
The Technology Audit Manager will be responsible for the audits of Square’s information systems environment, with an emphasis on identifying and assisting management in minimizing the related risks. The scope of these activities includes complex audits related to general data centers, system applications, web based applications, IT infrastructure, and information security. The Technology Auditor will provide strategic assistance in the development of integrated systems designed to help management identify, manage, and monitor potential areas of risk, from both a financial and operational perspective.
A successful candidate should have a good understanding of IT controls and internal audit, and will have an important role in branding Internal Audit services, championing IT controls and governance concepts throughout the business.
Work collaboratively with IT management regarding general controls reviews and assessments. The scope of these activities will include participating on any related teams on a consultative basis.
Design, test, and document controls related to IT compliance with Sarbanes-Oxley requirements
Execute complex IT audits. This includes assessing and evaluating potential application risks and controls and providing recommendations to Management regarding mitigation of risks.
Analyzing and assessing IT risks (cyber security, data protection and confidentiality, technology change, technology reliability) assumed by the business.
Communicate audit and client expectations regarding deliverables, timing, and benefits to the company. Ensure audit results are focused, clear, accurate, and well presented. Anticipate potential roadblocks and issues, and provide suggestions and alternatives.
Participate in system development audits to ensure controls are considered and implemented as part of the system development life cycle process.
Apply information systems development, implementation and operation control concepts in a variety of technology settings, and assess the exposures from ineffective or missing control practices.
Bachelor’s degree in a business related field with focus on information systems. Additional certification, such as CPA, CISA, and CISSP or comparable, is desired.
At least 5 years of related, applicable experience in information systems, cyber security, auditing, and experience in a management/supervisory role. Specifically, applicable experience would include a mixture of public accounting (Big 4) information systems, and IT Internal Audit function of a publicly traded company within the high technology / payment industry. The candidate should have knowledge and experience with professional standards, including COBIT.
Experience working with SOX, PCI compliance, and SOC1/2 review.
Extensive knowledge of system development life cycle concepts with an ability to quickly learn a complex, distributed computing and open source environment, including AGILE development and continuous integration concepts.
Solid understanding of internal control concepts with the ability to evaluate and determine the adequacy of controls by considering business and technology risks in an integrated manner, including appropriate segregation of duties, where applicable.
Experience and understanding of key audit concepts such as frameworks, control design and operating effectiveness, basic IT audit areas (application, system, development, security, operations, IT general controls, etc.)
Ability to work independently by planning and executing each audit project from start to finish.
The willingness to go “above and beyond” to fully understand and stay abreast of external and internal factors that may have an effect on Square’s business.
Experience with Oracle Systems.