Senior IT Audit Manager
TripAdvisor provides a unique, global work environment that captures the speed, innovation and excitement of a startup, at a thriving, growing and well-established industry brand. At TripAdvisor, you will be part of a dynamic, fun, and energetic team where you can immediately make meaningful contributions.
Were looking for an Senior IT Audit Manager to join us in Needham, MA who is a highly motivated individual and has passion for internal auditing to assist us in performing internal, compliance, and SOX audits. The Senior Manager will assist the Director of Internal Audit and SOX and other individuals from the management team with planning, organizing, and executing audits throughout the Company. The focus of Senior Manager will be related to audits of Information Systems environment and SOX general IT controls, with an emphasis on identifying and assisting management in minimizing the related risks. The scope of these activities includes complex audits related to system applications, web based applications, IT infrastructure, and information security on a global basis. The Senior Manager is expected to provide input and planning related work in support the completion of all audit work covering all projects, including aid in the annual Sarbanes Oxley internal control audit. The Senior IT Audit Manager will take a leadership role in expanding the use of information systems and technologies by the Internal Audit staff, increasing the overall efficiency and effectiveness of internal audit activities. In addition, the Senior IT Audit Manager will provide strategic assistance in the development of integrated systems designed to help manage, and monitor potential areas of risk, from both a financial and operational perspective. The Senior Manager will be responsible for helping with other TripAdvisor finance and accounting initiatives that go beyond performing internal audits.
Given the range of potential projects and audits, the manager must be adaptable and able to manage learning new concepts and risks.
- Proactively identify, share and discuss IT and business risks for respective areas assigned over the course of the year.
- Drive the Engineering Maturity Assessment that is used as a basis for IT audits.
- Work collaboratively with IT Management regarding 'General Controls' reviews and assessments. The scope of these activities will include participating on any related teams on a consultative basis.
- Collaborate with the IA team and respective organization managers to find new solutions to work more efficiently and effectively as a team.
- Plan, determine audit scope and objectives, set requirements, schedule, execute and document audit effort and results with advice and guidance from the Director.
- Document system work flows, key controls, risk & control matrices and narratives.
- Have the ability to manage up and manage down to ensure timely completion of the IT internal audit and SOX plans.
- Where applicable, oversee work of internal/consulting staff, including review of workpapers and ensuring adequate implementation of review notes.
- Provide guidance and support to junior staff in effort to improve on their individual skill set.
- Identify the root cause of specific problems, collaboratively work with relevant stakeholders in proposing recommendations and appropriate corrective actions to address any areas of concern.
- Apply information systems development, implementation and operation control concepts in a variety of technology settings, and assess the exposures from ineffective or missing control practices
- Identify opportunities and execute integrated audits jointly with the operational/process internal auditors, creating value-add internal control and business process improvement suggestions and recommendations, with emphasis on operational effectiveness, efficiency, and profit maximization.
- Provide the Director of Internal Audit and other audit stakeholders with frequent audit status updates.
- Aid in oversight of PCI compliance program activities.
- Prepare and review draft audit reports, and present audit reports to all levels of management.
- Assist in coordinating activities between the external auditors and consultants in support of the annual SOX certification.
- Fosters and builds strong working relationships with internal stakeholders.
- Proactively develop technical knowledge and sharing knowledge with team members.
- Have the flexibility to travel from 10-20% of the time, sometime internationally.
- Bachelors degree in accounting, business administration, management information systems or equivalent with a demonstrated high level of academic success.
- Advanced degree and/or professional certification such as CISA, CISSP is a plus.
- 7+ years of business experience in auditing (technology industry is preferred)
- Knowledge and experience with professional standards, including COBIT.
- Knowledge and experience with PCI.
- Experience with SOX and conducting operations, financial, and compliance audits.
- Knowledge and experience with complex IT systems, including Unix environments.
- Detailed understanding of COSO 2013 and internal controls over financial reporting.
- Public accounting and data analytics experience is a plus.
- Highly skilled in MS Excel and MS Word.
In addition, the ideal candidate will demonstrate the following competencies:
- Effective analytical, project management and communication skills.
- Flexible and open to change and new information; adapts behavior and work methods accordingly.
- Ability to understand and work within a fast-paced company and a complex technology environment.
- Organized, productive and detail oriented and able to work both independently and within teams.
- Ability to grasp issues of varying complexities in order to identify risks and opportunities to an organization.
- Ability to manage multiple audit projects and teams simultaneously and meet deadlines.
- Ability to aid management in developing and implementing new procedures and leading change.
- Treats colleagues and partners with respect.
- Exhibits integrity though fair and ethical behavior toward others and a demonstrated sense of corporate responsibility and commitment.