Internal Audit Lead - IT Controls and Data Assurance

LambdaSan Jose, CA
91d
Match Resume

About The Position

We are seeking a highly skilled Internal Audit Lead – IT & Data Assurance to join our Internal Audit team, reporting directly to the Head of Internal Audit. This role will be primarily responsible for SOX compliance, IT controls, and data assurance activities for SaaS and third-party hosted business systems, with additional oversight of homegrown applications and systems as needed. The individual will lead testing and assurance projects related to IT General Controls (ITGCs), IT Automated Controls, and Key Report testing, while also driving advisory initiatives to strengthen IT governance, risk management, and data integrity across the enterprise. This is a Senior level role that combines hands-on testing and evaluation with leadership, oversight, and stakeholder engagement.

Requirements

  • Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field.
  • CISA required; CISSP, CISM, or CPA/CIA preferred.
  • 8+ years of experience in IT audit, IT SOX compliance, or IT risk management, with strong focus on SaaS and third-party hosted systems.
  • Big Four accounting firm or equivalent experience in Internal or External Audit or IT consulting practice.
  • Deep expertise in ITGCs, IT Automated Controls, key report testing, and their relevance to ICFR, Internal audit methodology and IIA standards.
  • Experience assessing SOC 1 / SOC 2 reports and integrating vendor assurance into SOX programs.
  • Background in both SaaS environments and homegrown applications preferred.
  • Experience of working with audit management tools (e.g., AuditBoard, Archer, Workiva) to manage SOX and IT compliance programs.

Nice To Haves

  • Experience with data analytics and automated testing tools to enhance SOX testing efficiency and insights.
  • Exposure to emerging technologies such as cloud computing, cybersecurity, and RPA, and their control implications.
  • Prior experience working in a fast-growth or global organization, adapting SOX programs to evolving structures and complexity.
  • Familiarity with cybersecurity frameworks (e.g., NIST, ISO 27001, COBIT) and their application to IT risk management.
  • Experience with data governance and data integrity reviews, including testing controls over data migration, transformation, and reporting.
  • Prior involvement in system implementation or upgrade reviews for ERP, financial systems, or homegrown applications.
  • Exposure to DevOps, agile development, or CI/CD environments, including related ITGC and change management considerations.
  • Working knowledge of data analytics and automation tools (e.g., SQL, Python, ACL, Power BI) to enhance testing efficiency and assurance insights.

Responsibilities

  • Lead SOX IT testing and assurance activities for SaaS and third-party hosted business applications, including ERP, CRM, HR, procurement, and financial reporting systems.
  • Evaluate and test IT General Controls, automated business process controls, and key report logic across cloud-hosted platforms.
  • Collaborate with system administrators, business owners and SaaS vendors as needed to validate control design across all applicable IT control domains.
  • Assess vendor SOC reports to ensure adequate assurance over outsourced IT environments.
  • Assist in the annual IT SOX scoping and risk assessment process in alignment with the overall ICFR and SOX program.
  • Conduct and lead walkthroughs and design/effectiveness testing of IT controls across homegrown and third-party systems.
  • Coordinate evidence collection, manage remediation efforts, and ensure timely closure of audit gaps.
  • Oversee the work of co-sourced as well as internal team members and review their work to ensure high-quality, consistent results.
  • Identify control deficiencies and work with management to design effective remediation approaches and measures.
  • Monitor changes to business processes and apply independent judgement to evaluate the potential impact to the control environment and recommend necessary improvements.
  • Manage and update all ICFR / SOX 404 documentation as required including COSO framework mapping, process and control narratives/flowcharts, risk and controls matrix, and testing approach.
  • Apply professional skepticism and subject matter expertise to independently evaluate and conclude on control deficiencies and develop the necessary remediation actions and monitor their implementation in due time.
  • Act as the primary liaison with IT, Security, and Finance leadership for SaaS and IT SOX assurance.
  • Collaborate with external auditors to coordinate SaaS control testing approaches and reliance strategies.
  • Train business and IT process owners on SaaS control requirements, third-party assurance, and best practices.
  • Prepare high-quality reports and presentations on SaaS IT control results, data assurance findings, and remediation progress for executive leadership and the Audit Committee.
  • Communicate complex IT and SaaS control issues in business-friendly terms to non-technical stakeholders.
  • Stay current on emerging risks, regulations, and trends related to SaaS governance, IT risk, and data assurance.

Benefits

  • Health, dental, and vision coverage for you and your dependents.
  • Wellness and Commuter stipends for select roles.
  • 401k Plan with 2% company match (USA employees).
  • Flexible Paid Time Off Plan that we all actually use.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Education Level

Bachelor's degree

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service