IT Audit Manager
GitLab
full-time
Posted on:
Location Type: Remote
Location: United States
Visit company websiteExplore more
Salary
💰 $92,400 - $198,000 per year
About the role
- Lead end-to-end IT audits covering SOX compliance, multi-cloud infrastructure (AWS, Azure, GCP), AI/ML systems, and application controls in complex environments.
- Design and execute testing of IT general controls, application controls, and entity-level controls, turning findings into clear, actionable improvements for technology and business teams.
- Manage the IT SOX program from planning through reporting, including risk-based scoping, coordination of co-source providers, documentation of risk and controls, and tracking of remediation efforts.
- Collaborate with engineering, IT operations, security, and business process owners to assess emerging risks, review new system implementations, and advise on practical, effective control designs.
- Drive audit innovation by using data analytics, automation, and GenAI tools to streamline procedures, implement continuous monitoring, and enhance audit quality and insight.
- Conduct walkthroughs and control evaluations across key financial statement processes (record to report, order to cash, hire to retire, procure to pay) and review SOC 1/SOC 2 reports for third-party vendors.
- Prepare clear, concise audit reports that explain issues, business impacts, and prioritized recommendations to senior leadership and other stakeholders.
- Mentor junior auditors and contribute to the evolution of IT audit methodologies, with a focus on emerging technologies, cybersecurity controls, and segregation of duties.
Requirements
- Experience leading end-to-end IT audit and SOX compliance programs in complex, fast-changing technology environments, including planning, fieldwork, reporting, and follow-up.
- Applied knowledge of IT general controls, application controls, entity-level controls, and key financial statement cycles (record-to-report, order-to-cash, hire-to-retire, procure-to-pay).
- Working knowledge of IT control and security frameworks (such as COBIT, NIST, ITIL, ISO 27001 and COSO) and how to interpret and apply them across cloud, on-premises, and hybrid environments.
- Hands-on familiarity with cloud platforms (for example AWS, Azure, GCP), cybersecurity concepts (network security, encryption, identity and access management, vulnerability management), and modern development practices (Agile, DevOps, or DevSecOps).
- Experience using data analytics, automation, and audit tools to design and execute testing, perform continuous monitoring, and improve audit quality and efficiency.
- Ability to translate technical risks and control issues into clear, actionable recommendations for business and technical stakeholders, including creating concise, executive-ready reports.
- Experience mentoring or guiding junior team members, collaborating with cross-functional partners, and managing multiple concurrent engagements with a self-directed, service-oriented approach.
- Bachelor's degree in Accounting, Information Technology, Computer Science, Finance, or a related field, and at least one relevant professional certification (for example CPA, CIA, CISA, CISSP, CISM, CRISC, or equivalent); candidates with transferable skills or adjacent backgrounds are encouraged to apply.
Benefits
- Benefits to support your health, finances, and well-being
- Flexible Paid Time Off
- Team Member Resource Groups
- Equity Compensation & Employee Stock Purchase Plan
- Growth and Development Fund
- Parental leave
- Home office support
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
IT auditsSOX complianceIT general controlsapplication controlsentity-level controlsdata analyticsautomationcloud platformscybersecurity conceptsmodern development practices
Soft Skills
mentoringcollaborationcommunicationproblem-solvingservice-oriented approachself-directedleadershipreportingactionable recommendationscross-functional partnership
Certifications
CPACIACISACISSPCISMCRISC