Director of IT Audit


March 19, 2021

San Francisco, CA 94103, US

Company Description
Twitter is what’s happening and what people are talking about right now. For us, life's not about a job, it's about purpose. We believe real change starts with conversation. Here, your voice matters. Come as you are and together we'll do what's right (not what's easy) to serve the public conversation.
Job Description
Twitter is recruiting a Director of IT Audit to partner with the Head of Internal Audit to lead and scale the IT Audit function at Twitter. In this strategic leadership role, you will have the opportunity to assess technology risk across the company, provide advice to senior leadership, and enable bold outcomes. You will devise audit strategies to provide assurance and improve processes. You will oversee the execution of IT SOX, ISO 27002 and SOC 2 internal audit efforts, privacy and cybersecurity projects, M&A due diligence, system implementations, product launches and other business initiatives.
The Director of IT Audit will be responsible for providing continual oversight over an efficient and effective internal control testing framework, evaluating control deficiencies, interacting with external auditors and identifying practical and appropriate approaches for control remediation. You will be responsible for leading the IT Audit team (a combination of internal resources and third-party consultants) and ensuring career and skill development for your team. The ideal candidate will bring a solution-oriented mindset and risk-based approach to identifying, evaluating, and addressing critical technology risks and the relevant business and governance processes; and will partner extensively with the Finance, Engineering, IT, Legal and Security teams at Twitter.
What You'll Do
This role will be responsible for leading or directing the following:

  • Developing the annual technology audit plan and schedule using a risk-based approach, creating a pipeline of projects related to operational compliance, regulatory compliance, and controls over financial reporting

  • Planning for and auditing processes and controls across the company to ensure security, accuracy, completeness, effectiveness and reliability with limited supervision

  • Partnering with business / functional management to understand their objectives, identify potential issues and the root causes, make value added and practical recommendations and ensure those recommendations are implemented on a timely basis

  • Overseeing and managing Sarbanes-Oxley (SOX), ISO 27001/2 and SOC 2 testing and walkthroughs, assisting external auditors with interim and year-end audit work

  • Assisting the Head of Internal Audit in annual Enterprise Risk Management activities

  • Exercising business judgment to prioritize and evaluate level of risk

  • Preparing clear, written, fact-based reports for board and management use and working with management on documenting action steps to reduce risk

  • Managing assigned projects within a team, such as audit planning, board report preparation, or providing training on emerging issues

  • Presenting regular status updates to the audit team and to business management

  • Conducting specific privacy audits as needed, at the direction of Legal

Who You Are

  • Experience in Media or Technology, including data analysis and online advertising systems and concepts

  • Experience with Oracle and Workday ERP systems and proficient with open source software tools (e.g. Hadoop, Git, Jenkins, Chef, Puppet, Nagios), Atlassian products and GRC tools.

  • Big 4 Experience a plus

  • Excellent communication skills, both written and oral - this position is required to evaluate and communicate to senior leadership potential deficiencies concerning the company’s IT controls in a persuasive, factual manner

  • Strong analytical skills and ability to quickly grasp business needs and objectives

  • You are a self-starter who is results driven and possesses a strong sense of urgency

  • Demonstrated history of leading a team of professionals and developing and growing your team through skills development and increasing scope

  • Strong project management skills

  • Proven ability to develop relationships with senior leadership teams and build credibility quickly

  • Comfortable in a fast-paced, ever-changing, rapid-growth, fun environment


  • Bachelor's Degree, preferably IT or business related

  • 12+ years of public accounting, internal auditing or related technology audit / compliance experience

  • Strong technical knowledge in multiple compliance frameworks including: SOX, ISO 27001/2, SOC 2, PCI DSS

  • Strong compliance and risk management skills: CISA, CISM, CISSP Certification desirable

  • Experience auditing open source software tools (e.g. Hadoop, Git, Jenkins, Chef, Puppet, Nagios), Atlassian products and GRC tools

Additional Information

A few other things we value:

  • Diversity - Diversity makes us a better organization and team. We value a diverse set of backgrounds, ideas, and experiences.

  • Innovation - We value naturally inquisitive candidates who are interested in building new skills and will be excited by digital technologies.

  • Data-Driven - We aim to influence outcomes across Twitter with insights enabled by technology, analytics, and expertise.

We are committed to an inclusive and diverse Twitter. Twitter is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected status.
San Francisco applicants: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.