About the Role
The Internal Audit [IA] Department is seeking a Technology Audit Manager, responsible for leading and executing Technology (security, privacy, etc.), Compliance, and Integrated audits in-line with the annual IA plan. You will be responsible for providing leadership to our SOX-IT program and be a mentor to junior members of the team. You will have the opportunity to lead a diverse and global team, work with a strong Technology Audit team, and collaborate with other IA groups. This is a highly visible, dynamic, and a fast paced role with frequent interaction with technology and business leaders across Gap Inc.
- The Technology Audit Manager will be responsible for leading and managing IT Audits/Assessments (e.g. Red Team, Attack Penetration, privacy, infrastructure, system implementations or other technical security projects), SOX 404 IT internal controls testing, and other operational areas as needed.
- Manage relationships with external auditors, IT Compliance team, and third-party vendor(s) to provide maximum benefit to the organization.
- Collaborate with stakeholders and stay abreast of major IT transformation projects, new/emerging risks, and changes in business operations.
- Assist in performing enterprise risk assessments (ERA) and developing an annual audit plan. Assist with quarterly updates presented to the Audit Finance Committee.
- Support IA framework through innovation by leading efforts around Robotic Process Automation [RPA], Data Analytics, and Benchmarking.
- Manage audit issues and effectively communicate with IA process owners/stakeholders.
- Lead multiple projects and deadlines, including ad hoc projects and special investigations.
Who you are
- BS degree in Management Information Systems, Business Information Systems, Computer Science, Computer Engineering, Business (Finance/Accounting), or equivalent degree required.
- Demonstrate working knowledge of COBIT, COSO, Privacy Regulations (CCPA, GDPR, etc.) and experience with PCI, CIS 20, NIST CSF or other IT and security frameworks.
- Strong technical understanding of e-commerce, cloud computing (Azure, Oracle), operating systems, applications, data repositories, and enterprise architecture is needed.
- Experience with Oracle based products (Fusion/Hyperion/etc.), UNIX, Active Directory/LDAP, Data Analytics and RPA tools (Blue Prism, Power BI, etc.), GRC tools (ServiceNow, MetricStream, etc.) and other IT Management tools (JIRA, Confluence) is desired.
- Strong interpersonal and project management skills, self-starter, results-oriented team player, ability to work remotely with minimal supervision, and multi-tasking ability.
- CISA, CISSP, CISM, CRISC, CIPP/CIPT or CCSP certification is preferred, MBA, CPA is a plus.
- 6-7+ years of experience related to SOX IT and IT Audit work is required, experience in retail industry is a plus.
- Willing to travel up to 10% to domestic and international locations.
- Results Orientation
- Customer Impact
- Learning Agility
- Strategic Orientation