Sr. Internal Audit Technology Manager
The Senior Manager, Internal Audit - Technology will be a key part of our Internal Audit function. This person will report to the Director of Internal Audit and will work directly with key business partners across Engineering, Security/Risk and Compliance, Biztech, and BizOps teams. The ideal candidate is enthusiastic about building companies and enjoys working in an innovative and evolving environment!
Internal Audit (IA) is an independent and objective function that helps Slack accomplish its objectives through independent reviews and assessments. We are highly collaborative, productive and passionate about driving results. We evaluate and provide recommendations to increase efficiency and scalability of processes, information systems, and underlying internal control environment. We also bring a systematic and disciplined approach to evaluate and improve the effectiveness of Slack’s governance and risk management processes.
Slack has a positive, diverse, and supportive culture—we look for people who are curious, inventive, and work to be a little better every single day. In our work together we aim to be smart, humble, hardworking and, above all, collaborative. If this sounds like a good fit for you, why not say hello?
What you will be doing
- Lead IT SOX compliance program and IT/Security internal audits in accordance with standards.
- Work with partners to ensure control documentation is updated for prioritization, testing and remediation.
- Assess audit findings / gaps including control weaknesses. Assist business partners with the development of management action plans.
- Coordinate with co-sourced providers, external auditors, internal leaders and process owners to ensure engagement and timely execution of audit work and the SOX compliance program.
- Participate in pre- and post- implementation system reviews and perform internal readiness assessments as needed.
- Provide internal control advisory services to management to assist in redesign efforts that improve the control environment.
- Conduct cybersecurity risk reviews and controls assessments to ensure our processes are consistent with industry leading practices.
What you should have
- 8-10+ years of Public Accounting (i.e. Big 4 Accounting firms) and/or experience in IT audit and SOX program management, ideally in a SaaS environment.
- One or more current qualifications - CISA, CRISC, CISSP, or CPA.
- Experience in crafting and evaluating internal controls associated with cloud based systems (e.g. Workday, AWS, Salesforce) and ability to understand and navigate sophisticated home-grown systems.
- Expert level knowledge of IT policies, laws, standards and frameworks applicable to the specific technical role e.g. COSO, ISO27001, ISO27017, ISO27018, ISO27701 and other related frameworks
- Expertise of IT risk, security architecture design, network security, cloud/mobile security, data security and internal/external threat intelligence/analysis.
- Experience with all aspects of regulatory, industry and contractual compliance, especially Privacy, Security, and Health Information Portability and Accountability Act (HIPAA) requirements for as they relate to IT a plus.
- Bachelor’s degree
Slack is registered as an employer in many, but not all, states. If you are not located in or able to work from a state where Slack is registered, you will not be eligible for employment.Visa sponsorship may not be available in certain remote locations.
Visa sponsorship is not available for candidates living outside the country of this position.
Slack is an Equal Opportunity Employer and participant in the U.S. Federal E-Verify program. Women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Slack will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance.
Slack has transformed business communication. It’s the leading channel-based messaging platform, used by millions to align their teams, unify their systems, and drive their businesses forward. Only Slack offers a secure, enterprise-grade environment that can scale with the largest companies in the world. It is a new layer of the business technology stack where people can work together more effectively, connect all their other software tools and services, and find the information they need to do their best work. Slack is where work happens.
Ensuring a diverse and inclusive workplace where we learn from each other is core to Slack’s values. We welcome people of different backgrounds, experiences, abilities and perspectives. We are an equal opportunity employer and a pleasant and supportive place to work.
Come do the best work of your life here at Slack.