Twitter is what’s happening and what people are talking about right now. For us, life's not about a job, it's about purpose. We believe real change starts with conversation. Here, your voice matters. Come as you are and together we'll do what's right (not what's easy) to serve the public conversation.
Twitter is recruiting a Director of IT Audit to partner with the Head of Internal Audit to lead and scale the IT Audit function at Twitter. In this strategic leadership role, you will have the opportunity to assess technology risk across the company, provide advice to senior leadership, and enable bold outcomes. You will devise audit strategies to provide assurance and improve processes. You will oversee the execution of IT SOX, ISO 27002 and SOC 2 internal audit efforts, privacy and cybersecurity projects, M&A due diligence, system implementations, product launches and other business initiatives.
The Director of IT Audit will be responsible for providing continual oversight over an efficient and effective internal control testing framework, evaluating control deficiencies, interacting with external auditors and identifying practical and appropriate approaches for control remediation. You will be responsible for leading the IT Audit team (a combination of internal resources and third-party consultants) and ensuring career and skill development for your team. The ideal candidate will bring a solution-oriented mindset and risk-based approach to identifying, evaluating, and addressing critical technology risks and the relevant business and governance processes; and will partner extensively with the Finance, Engineering, IT, Legal and Security teams at Twitter.
What You'll Do
This role will be responsible for leading or directing the following:
Developing the annual technology audit plan and schedule using a risk-based approach, creating a pipeline of projects related to operational compliance, regulatory compliance, and controls over financial reporting
Planning for and auditing processes and controls across the company to ensure security, accuracy, completeness, effectiveness and reliability with limited supervision
Partnering with business / functional management to understand their objectives, identify potential issues and the root causes, make value added and practical recommendations and ensure those recommendations are implemented on a timely basis
Overseeing and managing Sarbanes-Oxley (SOX), ISO 27001/2 and SOC 2 testing and walkthroughs, assisting external auditors with interim and year-end audit work
Assisting the Head of Internal Audit in annual Enterprise Risk Management activities
Exercising business judgment to prioritize and evaluate level of risk
Preparing clear, written, fact-based reports for board and management use and working with management on documenting action steps to reduce risk
Managing assigned projects within a team, such as audit planning, board report preparation, or providing training on emerging issues
Presenting regular status updates to the audit team and to business management
Conducting specific privacy audits as needed, at the direction of Legal
Who You Are
Experience in Media or Technology, including data analysis and online advertising systems and concepts
Experience with Oracle and Workday ERP systems and proficient with open source software tools (e.g. Hadoop, Git, Jenkins, Chef, Puppet, Nagios), Atlassian products and GRC tools.
Big 4 Experience a plus
Excellent communication skills, both written and oral - this position is required to evaluate and communicate to senior leadership potential deficiencies concerning the company’s IT controls in a persuasive, factual manner
Strong analytical skills and ability to quickly grasp business needs and objectives
You are a self-starter who is results driven and possesses a strong sense of urgency
Demonstrated history of leading a team of professionals and developing and growing your team through skills development and increasing scope
Strong project management skills
Proven ability to develop relationships with senior leadership teams and build credibility quickly
Comfortable in a fast-paced, ever-changing, rapid-growth, fun environment
Bachelor's Degree, preferably IT or business related
12+ years of public accounting, internal auditing or related technology audit / compliance experience
Strong technical knowledge in multiple compliance frameworks including: SOX, ISO 27001/2, SOC 2, PCI DSS
Strong compliance and risk management skills: CISA, CISM, CISSP Certification desirable
Experience auditing open source software tools (e.g. Hadoop, Git, Jenkins, Chef, Puppet, Nagios), Atlassian products and GRC tools
A few other things we value:
We are committed to an inclusive and diverse Twitter. Twitter is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected status.
San Francisco applicants: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Diversity - Diversity makes us a better organization and team. We value a diverse set of backgrounds, ideas, and experiences.
Innovation - We value naturally inquisitive candidates who are interested in building new skills and will be excited by digital technologies.
Data-Driven - We aim to influence outcomes across Twitter with insights enabled by technology, analytics, and expertise.