IT Audit Manager - Rapid7
Boston, MA
About the Job
In this role, you will help define the way Internal Audit maximizes value for the organization. Your responsibilities will include executing walkthroughs and testing in relation to Sarbanes-Oxley compliance, performing operational/technology audits identified in the annual audit plan and partnering with stakeholders to identify risks and improvement opportunities.
About the Team
The IT Audit Manager will be part of a three person audit team within Rapid7. Together with external resources, the team executes their vision of being a trusted advisor that drives continuous improvement and delivers actionable, timely insights to increase value to the organization. The Internal Audit function executes the annual audit plan, performs testing of SOX internal controls and is a key contributor on compliance related projects.
About the Role
This position reports to the Director of Internal Audit. This role will focus on leading all aspects of SOX compliance for IT general controls and IT audit plans. You will partner with the Director of Internal Audit in conducting IT risk assessments and planning the audit scope and carry out related work programs to meet our objectives.
In this role, you will:
Engage with IT stakeholders to define, standardize, and continuously update business processes, relevant risk points and key controls in line with changes in the organization and risk landscape;
Enhance the overall audit approach for ITGCs to evaluate effective/consistent execution of key controls, risk management, and prudent use of resources and automation;
Oversee external resources and manage the SOX ITGC testing efforts;
For identified control deficiencies, partner with the control owner to identify mitigating key controls, develop a remediation plan and document our assessment of the severity of the control deficiency;
Execute operational and/or information technology audits as determined in the annual audit plan or requested by the Audit Committee / Management;
Prepare internal audit reports and presentations with clear messaging and action items that are practical and cost-effective that address root causes;
Develop and provide stakeholder training to raise awareness, ownership, and accountability for strong controls and standard processes.
The skills you’ll bring include:
5 or more years related experience in IT audit within Public Accounting, Internal Audit, or Information Systems. Big 4 experience preferred.
In-depth knowledge on IT risks and controls with a solid baseline understanding of business processes.
Relevant professional certification, or plan to acquire professional certification within 1 year (CISA, CISSP, CRISC, CISM); certification in the audit field is a plus (CPA, CIA).
Bachelor’s degree or higher in Information Systems, Accounting, Finance, or related field.
Practical experience with audit methodologies, including Sarbanes-Oxley (SOX), IIA standards and enterprise risk methodologies.
Creative problem solver with ability to quickly assess a situation/process, identify potential risks or issues, and recommend practical solutions.
Proactive and curious approach to learning and adopting new technologies.
Experience with AuditBoard SOXHUB platform.
#LI-KC1
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.