IT Audit Manager (SOX, NIST CSF, CIS) - Hybrid in Pomona, CA
$129,000 - $160,000/Yr
NTT DATA - Pomona, CA
posted about 1 month ago
Full-time - Mid Level
Remote - Pomona, CA
10,001+ employees
Professional, Scientific, and Technical Services
About the position
The IT Audit Manager will lead the Internal Audit Program at NTT DATA, focusing on SOX compliance and other regulatory frameworks. This role involves managing audit engagements, conducting assessments, and developing mitigation measures for identified risks. The position requires collaboration with various teams to ensure adherence to compliance standards and the implementation of effective IT controls.
Responsibilities
- Develop and maintain cross-organizational relationships and strategic partnerships with control owners and privacy leaders.
- Champion a culture of security for risk reduction and business enablement through proactive IT controls and audit training.
- Understand and implement procedures for company-wide adherence to SOX and other compliance programs.
- Develop Annual Audit Plan and lead execution and maintenance of annual audit scope including SOX.
- Collect and manage evidence of adherence to regulatory requirements for internal and external inspection.
- Establish meeting and reporting cadence to provide regular Audit Program Updates to stakeholders.
- Lead and participate in IT-related Sarbanes-Oxley compliance efforts, including documentation, testing, and remediation activities.
- Collaborate with cross-functional teams to identify key IT controls and assess control effectiveness.
- Coordinate and process regular IT control testing to validate compliance with SOX requirements.
- Assess and evaluate IT General Controls related to access management and change management.
- Identify control gaps or weaknesses and work with IT teams to design and implement effective control measures.
- Educate and assist staff in understanding information security controls and compliance activities.
- Serve as a liaison between internal and external auditors and IT departments during audits.
- Prepare and provide necessary documentation and evidence to auditors.
- Develop recommendations and support toward implementing the recommendations by collaborating with system owners.
- Partner with IT Control Owners to resolve control failures identified through risk assessments.
- Assist in the development, implementation, and maintenance of IT compliance policies and procedures.
Requirements
- 5+ years of experience managing IT audit engagements.
- 5+ years of experience conducting Gap Assessments and Regulatory Compliance Assessments.
- Application experience of SOX, ITIL, NIST 800-53, NIST CSF, NIST RMF, ISO27001, CIS Controls, and IT General Controls.
- Experience with audit methodologies, risk assessment, and control evaluations.
Nice-to-haves
- Attention to detail and ability to work independently and collaboratively.
- Excellent oral and written communication skills.
- Strong interpersonal, analytical, and problem-solving skills.
- Preferred Cloud experience with SOX.
- One or more professional certifications: CISA, CISM, CRISC, ISO Lead Auditor, or equivalent.
- Familiarity with project management practices and techniques.
- Experience working in a matrixed cross-functional environment.
Benefits
- Medical, dental, and vision insurance with employer contribution.
- Flexible spending or health savings account.
- Life and AD&D insurance.
- Short and long term disability coverage.
- Paid time off.
- Employee assistance program.
- Participation in a 401k program with company match.
