IT Auditor

This position reports to the Compliance Manager and works with various organizations within the company to help implement and maintain standards, policies, plans, processes, procedures, and other documentation/s or activities as required to meet corporate compliance requirements. This position will mainly manage internal audits conducted by Compliance team, facilitate external audits, track audit related activities and matrices, and communicate results to management. Key responsibilities include testing internal controls, identifying security risks, coordinating audits, maintaining evidence, monitoring implementation of recommended actions, offering insights for process improvement, and providing training on audit protocols.

Must Have

• 3-4 years of experience as a lead IT Auditor
• Audit Methodology, planning, scoping, testing and reporting IT audit
• Risk and control Identification and analysis
• Clear understanding of IT audit methodologies
• Able to independently manage and complete audit tasks and/or compliance projects from beginning to end
• Experience with security/technical controls that include SOC 1 Type 2, SOC 2 Type 2, ISO27001, ISO 27017, ISO 27018, ISO 27701, C5 or similar compliance frameworks
• General knowledge of IT systems, DevOps, security, AWS/Azure/GCP, GRC tools
• Well-versed in compliance guidelines and best practices
• Strong attention to detail with an analytical mind and outstanding problem-solving skills
• Ability to maintain confidentiality
• Ability to build strong relationships across cross-functional teams
• Strong technical writing and research skills
• Excellent communication, coordination, and negotiation skills

Good to Have

• Familiarity with tools such as JIRA, SNOW, Salesforce, etc.
• Process Improvement
• Process Automation
• Agile auditing
• Certificates such as CISA

Perks & Benefits

• Health and wellness coverage: Medical, dental, and vision insurance
• Disability coverage: Short-term and long-term disability
• Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
• Additional life coverage options: Supplemental life insurance for employees, spouses, and children
• Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account
• Financial security: 401(k) Savings and Investment Plan with company matching
• Time off benefits: Flexible vacation policy
• Holidays: 8 paid holidays annually
• Sick leave
• Parental support: Paid parental leave
• Employee Assistance Program (EAP) and Care Counselors
• Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options
• Health Savings Account (HSA) with employer contribution

This position reports to the Compliance Manager and works with various organizations within the company to help implement and maintain standards, policies, plans, processes, procedures, and other documentation/s or activities as required to meet corporate compliance requirements.

This position will mainly manage internal audits conducted by Compliance team, facilitate external audits, track audit related activities and matrices, and communicate results to management.

Key responsibilities:

Audit:

• Test internal controls to verify their design and effectiveness, often in relation to specific requirements such as but not limited to SOC, ISO, C5, internal policies, etc.
• Identify and assess potential security risks, vulnerabilities, and control gaps within the technical environment.

Coordination and Organization:

• Organize and facilitate the audit process, ensuring it runs smoothly and efficiently. This includes coordinating with internal teams, and possible other compliance partners. This involves scheduling, planning, and conducting audits under minimal guidance from the Compliance Manager.
• Maintain and organize the audit evidence

Reporting:

• Maintain and organize the audit evidence

Follow-up:

• Monitor and ensure the implementation of recommended actions to address identified issues/finding/s, risks and improvements.
• Stay updated on evolving IT trends, audit practices, to provide expert advice.
• Monitor the controls which had gaps/issues/need improvements.
• Offer insights and suggestions for improving business processes, policies and procedures

Training:

• Provide training to different teams on audit protocols
• Able to explain what controls means and what evidence is needed to stakeholders

Other relevant duties as assigned.

Within the first month:

You will be trained on the products and Services, the team’s current responsibilities, Compliance resources, internal processes, and various teams we work with.

You will have demonstrated accuracy and attention to detail in your contribution.

Within 3 months:

You will have demonstrated familiarity with the products’ environment, controls associated with those products, business processes, and stakeholders.

You will have been exposed to the current state efforts and deliverables and will increasingly assume ownership of the responsibilities expected for this position mentioned in the “Key Responsibilities” section above.

Within 1 year:

You will independently lead the planning, preparation and completion of an audit following defined standards and deadlines. You should be able to provide an audit report which includes findings and recommendations within internal tools and work with internal teams on remediation.

You will be setting and promoting high standards of audit work and ensuring high standard quality audit reports are delivered consistently, suggesting beneficial changes to audit methodologies and procedure.

Requirements:

• MUST HAVE
• 3-4 years of experience as a lead IT Auditor with following competencies-
• Audit Methodology, planning, scoping, testing and reporting IT audit
• Risk and control Identification and analysis
• Clear understanding of IT audit methodologies.
• Able to independently manage and complete audit tasks and/or compliance projects from beginning to end
• Experience with security/technical controls that include SOC 1 Type 2, SOC 2 Type 2, ISO27001, ISO 27017, ISO 27018, ISO 27701, C5 or similar compliance frameworks
• General knowledge of IT systems, DevOps, security, AWS/Azure/GCP, GRC tools
• Well-versed in compliance guidelines and best practices
• Strong attention to detail with an analytical mind and outstanding problem-solving skills.
• Ability to maintain confidentiality
• Ability to build strong relationships across cross-functional teams
• Strong technical writing and research skills
• Excellent communication, coordination, and negotiation skills

Good to have experience

• Familiarity with tools such as JIRA, SNOW, Salesforce, etc.
• Process Improvement
• Process Automation
• Agile auditing
• Certificates such as CISA

Benefits and Compensation listed vary based on the location of your employment and the nature of your employment.

As a part of the total compensation package, this role may be eligible for the Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. Maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD):

$46,100 - $65,900 - $85,700

Benefits Overview

1. Health and wellness coverage: Medical, dental, and vision insurance

2. Disability coverage: Short-term and long-term disability

3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)

4. Additional life coverage options: Supplemental life insurance for employees, spouses, and children

5. Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account

6. Financial security: 401(k) Savings and Investment Plan with company matching

7. Time off benefits: Flexible vacation policy

8. Holidays: 8 paid holidays annually

9. Sick leave

10. Parental support: Paid parental leave

11. Employee Assistance Program (EAP) and Care Counselors

12. Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options

13. Health Savings Account (HSA) with employer contribution

is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.

Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact applicationassistance@sailpoint.com or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings.