This job has expired, please see additional jobs below
Senior IT Risk & Controls Specialist
Autodesk
San Francisco, CA, United States
Job Details - this job has expired, please see similar jobs below
Overview
Do What’s Next. We are looking for a dynamic team member to support the Information Security, Risk and Controls program in an energetic and fast-paced IT organization. The candidate will have solid knowledge of and experience in IT risk and control management and internal audit practices. The candidate will be able to drive process and control improvements and partner with owners and stakeholders to affect change.
Responsibilities
• Lead the assessment and documentation of IT and information security controls as part of on-going compliance efforts (SOX, SSAE-16 SOC, etc.):
◦ Ensure effective and efficient control design, implementation and testing procedures
◦ Evaluate control gaps and deficiencies and propose remediation strategies; monitor timely resolution
◦ Establish metrics and reporting strategies to communicate status, demonstrate progress, and build awareness and accountability around control performance
◦ Identify process and control improvement / automation / consolidation opportunities
◦ Help increase the maturity of the overall control environment
• Work directly with Internal Audit on IT internal audit-related activities – planning and oversight of IT and security internal audits, walkthroughs, testing, documentation of findings, issue remediation, follow-up, etc.
• Work directly with IT and security process and control owners to provide support, education and recommendations for strengthening the internal control environment.
• Lead ongoing improvements to the IT risk and controls program strategy, implementation and communication.
Requirements
• Bachelor's degree ( Information Systems Management or Business Administration preferred), or equivalent work experience
• 5 years of relevant experience in IT Audit and / or Controls Assurance
• Knowledge of IT controls across multiple technologies – cloud, network, operating system, database, applications (ERP, SaaS, etc.), tools, etc – and processes:
◦ Access Management; Segregation of Duties (SOD)
◦ SDLC; Change Management; Configuration Management; Patch Management
◦ Information Security, Data Security
◦ Operations and Support; Disaster Recovery
• Experience developing and maintaining IT control documentation – control matrices, narratives, process flows, etc.
Desired Competencies / Qualifications
• Certified Information Systems Auditor (CISA) or equivalent professional certification (e.g., CRISC)
• Knowledge of and experience with:
◦ Sarbanes-Oxley (SOX)
◦ Governance, Risk, and Control (GRC) frameworks, approaches, tools, methodologies (i.e., NIST, COBIT, ISO, etc.)
◦ SSAE 16 SOC 1 and 2 attestations
◦ IT risk management, risk assessments
• Experience measuring compliance with IT policies / standards / guidelines across a variety of IT-related subject matters
• Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives
• Ability to manage multiple priorities – projects, deliverables, and stakeholders
• Excellent interpersonal skills, presentation skills, and verbal / written communication skills
• Previous experience in high-tech software company preferred
About Autodesk
Autodesk, Inc. is the world's leading Software Company for the manufacturing, building, media and entertainment fields. As a global leader in 3D design, engineering, and entertainment software, Autodesk helps people imagine, design, and create a better world. Autodesk accelerates better design through an unparalleled depth of experience and a broad portfolio of software to give customers the power to solve their design, business, and environmental challenges.
Life at Autodesk
Innovative. Rewarding. Respectful. These are words we hear every day from employees about life at Autodesk. We empower our customers with technology that impacts the world though better design and we start by empowering our employees to do their best work at home or in the office. We encourage employees to continuously grow their expertise, demonstrate true accountability and communicate honestly. You’ll enjoy a high quality of life and great benefits.