Sr. Manager, IT Internal Audit

About The Position

Requirements

• Demonstrated ability to execute IT audit engagements end-to-end across complex technology environments; translates audit objectives into well-documented, risk-rated findings
• Deep, hands-on knowledge of IT general controls, SOX 404/302 IT support, and external auditor reliance strategies; experienced in deficiency assessment and Item 308(c) evaluation
• Fluent in information security audit, IAM, cloud security, and data governance risk; able to assess control design and maturity across diverse technology stacks
• Skilled in designing and building data-driven audit programs using Python, SQL, and BI tools; able to automate testing and scale continuous monitoring coverage
• Adept at building trusted relationships with CIO, CISO, Legal, and Data Governance without direct authority; able to communicate technical risk to non-technical audiences
• Skilled in producing polished, executive-ready audit reports and Audit Committee materials; able to translate technical findings into business-impact language and actionable recommendations
• Experienced in directing co-source partners and guiding junior audit staff with clarity and accountability; able to coordinate multi-party engagements across specialist and internal resources
• Naturally drawn to emerging technology risks (AI/ML, cloud connectors, digital franchise platforms); able to translate evolving trends into timely adjustments to the audit program
• Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field
• CISA required
• NIST CSF and PCI-DSS audit framework familiarity expected
• 7+ years in IT audit, information security audit, or IT risk/compliance
• Meaningful IT SOX/ICFR experience at a public company, including ITGC coordination with co-source partners and Big 4 external auditors
• Experience contributing to an IT audit program in a co-source or influence model; able to work effectively alongside specialist and internal resources
• Hands-on experience with SAP environments and cloud data platforms (Snowflake, Azure, or AWS)
• Experience designing data analytics audit programs using Python or SQL across large, multi-source datasets

Nice To Haves

• CIA, CPA, CISSP, CRISC, or CISM a plus
• Restaurant, retail, or franchise sector experience a plus; multi-brand or multi-geography experience preferred
• Spanish or French a plus

Responsibilities

• Apply IT audit subject matter expertise across engagements; serve as a technical resource to Internal Audit team members and co-source partners
• Support the SOX ITGC program by coordinating with co-source partners on scoping, reviewing testing workpapers, and tracking deficiencies through remediation
• Execute audits of change management, access management, SDLC, computer operations, and IT regulatory compliance across corporate and brand domains
• Build and maintain audit data pipelines, analytical models, and testing procedures (Python, SQL, Power BI) in support of the Director’s continuous monitoring programs
• Advisor for cybersecurity, data governance, and privacy control assessments (NIST, PCI, CCPA)
• Support Optro GRC IT integration maintenance and data feed governance under the direction of the VP
• Contribute to analytics adoption across the Internal Audit function; develop reusable testing tools and support data infrastructure decisions in coordination with the VP
• Assist with IT risk assessments across brands and corporate in support of audit plan prioritization
• Support Internal Audit representation in cross-functional technology governance forums as directed
• Issue remediation tracking and closure; support special projects and VP advisory requests on technology risk matters

Benefits

• Comprehensive global paid parental leave program
• Free telemedicine
• Mental wellness support