Internal Audit Manager - IT Risks and Controls

Your Career

Palo Alto Networks is looking for a highly motivated and experienced IT Risks and Controls Audit Manager to join our Corporate Internal Audit team.

The role will focus on IT Risks, Processes, and Controls. As part of a collaborative team, you will be responsible for conducting and delivering IT Systems, Governance, and Processes Audits and Transformation advisory engagements in alignment with the fast-paced, dynamic environment of Palo Alto Networks (PANW). Your role will involve reviewing Information Technology management processes and governance, as well as effectively communicating IT risks to internal stakeholders. Additionally, you will play a key role in managing risks related to IT Systems, Processes, and Controls and supporting the company's rapid system transformation by introducing leading practices and new processes. 

The ideal candidate must be a proven leader, an exemplary project manager, proactive, confident in interacting with management and external stakeholders at all levels, bring business experience, passion, and have experience in using analytical tools, assessing strategic, financial, regulatory and technology risks, preferably in a technology industry.

The candidate must demonstrate the ability to adhere to our corporate core values of Disruption, Execution, Collaboration, Integrity and Inclusion.

Your Impact

• Plan, conduct, and report audit and advisory engagements related to IT Risks and Controls, IT Governance and processes, and IT Transformation processes to identify vulnerabilities and areas of concern.

• Collaborate with cross-functional teams, including Privacy, Business Resilience, IT, and Infosec, to identify and address audit findings through corrective actions, ensuring compliance with regulatory requirements within specified timelines.

• Lead research on current IT Risk and Controls issues and trends to formulate recommendations, and provide practical advice for corrective action, innovation, and continuous process improvements.

• Analyze audit data to identify trends, patterns, and potential issues. Ensure IT systems align with the company’s prescribed system development lifecycle.

• Lead the evaluation of new processes, policies, and systems to enhance organizational efficiency, effectiveness, and risk mitigation activities.

• Develop productive business partner relationships and engage with key management personnel to gather information and propose business process improvements.

• Stay updated on industry best practices and regulations related to IT system audits. Lead and mentor a team of auditors, providing guidance, training, and support.

Your Experience 

• Minimum of 8 years of IT Risk and Controls audit experience in a publicly traded company and/or public accounting firms. Previous experience in a technology company and/or Big 4 firms is preferred.

• Proven audit experience in Information Security, Privacy, Business Continuity Planning, System transformation and IT Governance including roles in external and/or internal audit with strong understanding of internal controls, IT processes, and technology risk principles.

• Strong understanding of the system development lifecycle. Proficiency Information Technology Application Controls (ITAC) and Information Technology General Controls (ITGC) as well as enterprise systems such as SFDC, SAP, or equivalent.

• Bachelor's degree in Information Technology, Cybersecurity or related field from an accredited institution. 

• Certified Information Systems Auditor (CISA) certification is mandatory, Certified in Governance of Enterprise IT (CGEIT) is preferred. CA, CPA, CIA or equivalent certifications will be a plus.

• Sound knowledge of relevant regulations and industry standards (e.g.,COBIT, ISO/IEC 27001, ISO/IEC 27701, ISO 22301, NIST, ITIL, COSO and IT Governance Frameworks). 

• Excellent communication and interpersonal skills, ability to interpret complex data and identify areas of improvement, along with ability to work independently and in a team environment.

• Strong analytical, problem-solving skills with attention to detail and strong project management skills to prioritize and manage multiple audits concurrently. Proficiency in using audit software, data analysis tools, and MS Office applications.

• Experience in operational audit will be a plus.

• Must be able to work in our Santa Clara, California office at least 3 days a week.

The Team

The Internal Audit team is responsible for managing and executing the company’s internal audit program and ensuring we are best in class.

You will be part of a dynamic, disruptive and fast paced team of highly specialized professionals with varied skill sets spread out between the US and India.

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $111,000 - $180,500/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.

Our Commitment

We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at  accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.