Cybersecurity Audit Manager

Overview
The Cybersecurity Audit Manager is responsible for leading, planning, and executing cybersecurity and IT audit/projects. In addition, they will be responsible for staying current on cybersecurity auditing practices, emerging cyber threats, industry regulatory changes, and internal company policy and process changes.
You will report directly to the Sr. Director of Internal Audit and SOX Compliance will work closely with co-sourced resources on key projects and initiatives and coordinate closely with the corporate security team. In addition, you will work across the organization and be comfortable engaging employees at all levels to ensure an efficient and effective control environment.
Do you want a "hands-on" role that provides high visibility to senior management within an exciting and high-growth business? Then, read on...
COME ON BOARD THE GOGO BUSINESS AVIATION INTERNAL AUDIT AND SOX COMPLIANCE TEAM!
How will you make a difference?

• Build an effective cybersecurity audit function and develop, implement, and maintain related audit policies and procedures in accordance with professional standards and best practices
• Provide strategic direction to the development of the cybersecurity risk universe, multi-year cybersecurity audit plan and related cybersecurity audit programs
• Oversee the execution of all phases of Cyber/IT audits, including, but not limited to, audit planning and scoping activities, identification and evaluation of risks, evaluation of efficiency and effectiveness of processes, systems, and controls, recommending improvements to processes or systems
• Collaborate with teams across the organization to enhance their understanding of cybersecurity controls to drive improved security compliance and management of risk
• Serve as the trusted advisor for cyber areas such as application security, network security, infrastructure, and security development
• Engage with management to perform risk assessments (IT SOX and Cybersecurity) over key areas that can impact the control environment and integrate results into the overall control design and communicate results to management
• Review the design of controls over key systems and assess and identify potential improvements to the control structure
• Lead the SOX testing program for IT controls and work with process/control and system owners to remediate control gaps identified, as needed
• Lead, plan, and execute Cybersecurity audits of key systems and processes and identify and communicate to management process enhancements to drive efficiency and effectiveness of business operations
• Participate in key initiatives related to system design and/or upgrade that impact financial reporting to ensure controls are designed into core processes and systems
• Provide regular status updates to management and the external auditors on key matters pertaining to the IT control environment

Qualifications

• Bachelor's Degree in Computer Science, Information Security/Technology, or Accounting/Finance
• 7-12 years of experience related to cybersecurity management, risk management, or IT SOX audit

Required Skills, Talents & Experience

• Knowledge of cybersecurity regulations, laws, and standards
• Understanding of cybersecurity processes and concepts (e.g., incident response, software development, security governance, cloud computing, SDLC, vendor risk management, penetration testing, vulnerability management, disaster recovery, segregation of duties, auditing and logging, physical security, access management, configuration management)
• Familiarity with the National Institute of Standards and Technology (NIST) Framework, SOX Compliance, and ISO/IEC 27000 series
• Leading SOC 2 readiness engagements from scoping to report issuance
• Experience with auditing IT applications and infrastructure (network infrastructure technologies (WAN/LAN), cybersecurity, active directory, backup & recovery, data centers, remote access, storage, operating systems, virtualization services, etc.)
• Demonstrated experience in leading audits/reviews, performing risk assessments, and system implementation reviews for a global organization
• Leadership, interpersonal, and management skills
• Ability to communicate effectively at all levels of the business

Preferred Skills, Talents, & Experience

• Professional certification (i.e., CISSP, CISA)

We love work-life balance as much as you do! Gogo Business Aviation is a place that values our employees' time both in and out of the office. Our employees enjoy a hybrid in-office and work from home environment that is designed to give you the flexibility and space to collaborate with your team effectively while building the strong relationships that are a hallmark of our culture.
Equal Pay Disclosure(s)
Colorado Equal Pay Statement: Disclosure required by sb19-085 (8-5-20) of the minimum salary compensation for this role to be located in the state of Colorado.
Base Pay:
118,800.00 - 148,500.00 USD Annual
Target Annual Short-Term Incentive:
Bonus Plan at 10% (% of Annualized Base Pay)
Eligible for Incentive Stock Program:
Yes
Benefits:
Gogo offers competitive benefits including medical, dental and vision coverage with plans that can fit each employee's needs. We offer an immediate vesting 401k plan, paid time off and volunteer time off. Employees have the option to participate in an Employee Stock Purchase Plan. Visit the Careers page on our website for more information at www.gogoair.com/careers.
--- --- ---
Gogo is an Equal Opportunity Employer and Affirmative Action Employer and works in compliance with both federal and state laws. We are committed to the concept of Equal Employment opportunity.
Qualified candidates will be considered for employment regardless of race, color, religion, age, sex, national origin, marital status, medical condition, or disability.
The EEO is the law and is available here. Gogo participates in E-Verify (English and Spanish). Right to Work Statement (English and Spanish).