The IT Internal Audit Manager will serve as the primary contact point for all IT related SOX and audit matters including internal consultants and external auditors. Youll be heavily involved with managing the IT SOX program, review of ITGC testing and coordination of audit requests with the IT organization. Additionally, you will be identifying opportunities for improvement across the organization and developing audit plans to address and report on the associated risks.
This position is a unique blend of business partnering, process improvement, and management reporting that offers you a great opportunity to make a direct and immediate impact, coupled with a significant opportunity to grow and expand your scope of responsibilities as the Internal Audit function scales to support Rapid7s high growth business. The position will ideally be based in Boston at Rapid7 Global headquarters but could be remote or based out of one of our
satellite offices for the right candidate.
Manage IT SOX compliance program including internal consultant test plan, control test
review and reporting
Perform IT risk assessment and system scoping
Assess key risks and controls; and design innovative and appropriate broad based
coverage across in-scope systems, exhibiting exceptional judgment regarding issue
identification, issuing draft findings to business partner management, and drafting and
issuing final audit reports.
Work with business owners to improve operational efficiency and compliance efforts
Align with external auditors on ITGC test approach and reliance
Identify opportunities for process improvement across the IT organization and coordinate
with Finance teams for cross functional projects
Assist Internal Audit department lead develop and manage the audit plan, scheduling
resources, and other duties as assigned.
Consult on key management projects including Access and Vendor Management programs
Participate in robotic process automation project including identification and design of
business processes to automate
Demonstrates professional skepticism; present audit results in an objective manner
3-5 years of IT audit experience including IT risk management
Bachelor's degree in Information Technology or related major is required
CISA certification required
Proficiency in Microsoft Excel
AuditBoard and Enterprise GRC/ERP tools experience a plus
Demonstrated competency in IT audit including SOX and SOC regulations
Motivated with a strong desire to succeed, both individually and as part of a team
Strong self-awareness and interpersonal skills, able to build meaningful relationships at all
levels of the organization
Knowledge of information security management frameworks (e.g. ISO 27001, COBIT, ITIL,
NIST, Cybersecurity Framework)