Technology Audit Manager

Intuit's Finance team drives business growth and profitability through strategic, financial and operational leadership. Come join the Finance team as a Technology Audit manager with the Internal Audit team. Internal Audit supports the achievement of Intuit's goals through trusted partnerships, objective risk identification, and innovative audit services.

As a member of Intuit's Internal Audit team, collaborate with colleagues and stakeholders to deliver operational, compliance and integrated audits with special emphasis on system implementations, cybersecurity and privacy.

As an individual contributor Technology Audit Program Manager, you will lead technology-focused audits with focus on security and privacy, primarily supporting Intuit's products and services. You would also be responsible for assessing risks, identifying weaknesses, and recommending improvements to the products and services.

Additionally, You will work with the Engineering, IT, Security, Privacy and other functions of this fast-paced, rapidly changing business, and collaborate directly with key stakeholders to drive assurance and advisory audits. You are excellent at communicating vertically and horizontally across the company and will be comfortable working cross-functionally and providing technical guidance to other teams within Internal Audit.

Core responsibilities include:

• Planning and Execution of Audit, including the development and implementation of internal audit plans. This includes defining the scope, frequency, and methods of audits, considering the importance of processes and previous audit results.
• Lead and guide audit teams. Oversee internal and external (co-sourced) resources to ensure the audit plan is being followed effectively and efficiently, timely and within budget. This involves directing the audit process, ensuring objectivity, and impartiality while maintaining a collaborative engagement model with security and compliance teams across Intuit.
• Conduct audits in accordance with standards and frameworks to assess controls and their effectiveness. This includes gathering information, reviewing documentation, assessing compliance, and identifying potential non-conformities.
• Prepare and distribute audit reports for internal stakeholders and external regulators. This involves documenting audit findings, observations, and recommendations for improvement. All observations and recommendations have to be socialized across the organization and corresponding management action plans, timelines and resourcing commitments will need to be in place prior to report finalization. Work with cross-functional teams, including IT, security, and other relevant departments, to ensure alignment and effective implementation of control improvements. This includes communicating both verbally and in writing across all levels of the organization prior to report finalization.
• Continuous program improvement. Identify trends, patterns, and potential issues, and use this information to inform future audit plans and control improvements in collaboration with the technical compliance team and other engineering partners. Assist the organization in understanding audit findings and developing corrective actions to address non-conformities.
• Other Key Responsibilities. Stay updated on key technology skills, industry best practices and regulations. Keep abreast of changes to the standards like ISO 27001, NIST and other relevant regulations. Lead and mentor a team of auditors: Provide guidance, training, and support to audit team members. Develop and maintain audit procedures and documentation: Ensure that audit processes are documented and followed consistently.

• 8+ years of progressive internal audit experience in either Big 4, and/or in SaaS/Fintech industry
• Bachelor's or Master's degree in a relevant discipline (e.g. Computer Science) or equivalent experience
• Third party vendor experience, including managing large technology compliance programs in a co-sourced model
• Strong knowledge and hands on experience in auditing platforms that are developed in the AWS cloud environment, utilizing microservices based modern techstack.
• Strong influencing capabilities, including the ability to simplify complex subjects and excellent written, verbal communication, and presentation abilities.
• Experience conducting audits within a complex operational and regulatory environment.
• Extensive program management background, skilled in managing large-scale, company-wide audit initiatives.
• Demonstrated knowledge of technology risks, including direct experience evaluating the effectiveness of cybersecurity, privacy and engineering controls.
• Strong working knowledge of information technology best practices and control frameworks such as ISO 27001, NIST CSF and ISO 42001
• AWS practitioner/associate, CISA or CISSP certifications preferred