Director, IT Internal Audit

About The Position

Requirements

• Minimum of 15+ years of experience, preferably with a mix of external audit/consulting and in-house internal audit experience within publicly traded companies.
• Bachelor's/Master's degree in a relevant field such as computer science, management information systems, software engineering, or equivalent experience.
• Demonstrated expertise in designing, implementing, and assessing IT General Controls (ITGCs) and application controls in a SOX-compliant environment.
• Deep understanding of common IT control frameworks as they pertain to IT SOX compliance in an engineering environment, with a strong emphasis on the COSO framework.
• Deep knowledge of technology environments/controls, including both 3rd party (e.g., AWS, GCP) and home-grown systems, and associated security and compliance considerations relevant to SOX.
• Mission-driven, enthusiastic to learn and grow; team-oriented with a positive attitude and able to work in a hyper-growth, fast-paced environment.
• Excellent written and verbal communication skills, with the ability to articulate complex technical and compliance concepts to both technical and non-technical audiences.
• Strong risk management experience, including performing assessments and audits, driving issue impact discussions, and the ability to think strategically about remediation strategies.

Responsibilities

• Establish and own relationships with senior Engineering and IT partners as their strategic risk advisor on establishing internal controls and process efficiencies, providing insight and direction on risk management and SOX compliance.
• Build and lead a team of risk and control professionals (both internal and external resources) who possess the knowledge and technical capability to drive value-based audits.
• Develop, implement, and maintain Databricks’ IT SOX compliance strategy and framework, ensuring alignment with business objectives and regulatory requirements, with a focus on scalability and establishing a common control framework.
• Implement an IT risk assessment process and develop and own the annual IT internal audit plan for relevant engineering and IT systems and processes.
• Serve as the subject matter expert and key contact for technology risks and controls within the organization, and be an insightful resource for strategizing on implementing controls in an efficient and effective manner, while balancing the pace and velocity of the organization.
• Recommend controls to be implemented as part of the new system and process implementations, and collaborate with teams on controls implementation.
• Lead and manage IT risk assessments, integrated audits, and/or process reviews, including but not limited to cyber security, privacy, and infrastructure internal audits.
• Continuously help improve the company’s ability to mitigate IT risks and develop recommendations on how to integrate controls as part of daily operations.
• Collaborate closely with external auditors, providing necessary documentation, evidence, and support for IT SOX audits and other compliance assessments.

Benefits

• Comprehensive benefits and perks that meet the needs of all employees.
• Eligibility for annual performance bonus.
• Equity options.