Overview
Intuit’s Finance team drives business growth and profitability through strategic, financial and operational leadership. Come join the Finance team as a SOX IT Program Manager with the Internal Audit team. Internal Audit supports the achievement of Intuit’s goals through trusted partnerships, objective risk identification, and innovative audit services.
What you'll bring
- 7+ years of progressive internal audit experience in either Big 4 public accounting, and/or in industry, including at least 3-5 years of supervisory responsibility
- Bachelor’s or Master’s degree in a relevant discipline (e.g. Computer Science) or equivalent experience
- CISA, CISM and/or CISSP certifications preferred
- Demonstrated knowledge of technology risks, including direct experience evaluating the effectiveness of cybersecurity, privacy and engineering controls
- Working knowledge of information technology best practices and control frameworks such as NIST CSF, ISO27001 and COBIT
- Demonstrated influencing skills including the ability to explain complex topics in simple terms and inspire transformational improvement in internal controls
- Excellent written & verbal communication and presentation skills
How you will lead
As an individual contributor manager (managing 3rd party resources in a co-sourced model) you will lead SOX IT audits. You will work with the Engineering, IT, Security and Privacy functions of this fast-paced, rapidly changing business, and directly with key stakeholders to drive SOX compliance. You have a strong background in IT SOX and are excellent at communicating vertically and horizontally across the company. You will be comfortable working cross-functionally and providing technical guidance to the SOX team and key stakeholders..
Core Responsibilities Include
- Manage and direct the work streams related to IT SOX compliance including IT General Computer Controls (ITGCC), Segregation of Duties (SOD) controls, and application controls.
- Provide oversight and review of end to end control walkthroughs, documentation and quality assurance for all SOX IT areas.
- Provide technical support in the assessment, design and implementation of IT General Computer Controls (ITGCC) and IT application control requirements.
- Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGCC including control gaps and findings identified by management.
- Review test findings, facilitate the remediation of IT Automated/Application (ITAC) control gaps, and escalate possible critical issues to senior management within IT.
- Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC and ITACs.
- Participate in systems upgrades and enhancements, as necessary, to review that internal controls over financial reporting are adequately identified and addressed.
- Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to senior management within IT.
- Guide the SOX planning, scoping and execution of audits primarily in areas associated with technology and technology-related risks (e.g. cybersecurity, privacy, and business resilience) including reviews of new and enhanced products and supporting systems, process changes and system implementations.
- Gain agreement from the business on the root cause of issues and appropriate corrective actions while maintaining positive relationships and independence.
- Work with management and users to interpret the significance of audit findings, conclude on findings, make practical recommendations, and verify that remediation plans are implemented.
- Lead the report drafting process including framing of audit observations within the relevant business context, formulation of practical recommendations that balance stakeholder needs, and development of useful insights for management.
- Demonstrate strong technical skills and understanding of key security, privacy, agile engineering practices.