Technology Internal Audit Manager

About the role:

We are seeking for an experienced Technology Internal Audit Manager - Cybersecurity to be part of our growing Internal Audit (IA) team. This person should have a collaborative and agile mindset, with experience building and enhancing internal audit policies, procedures, methodologies, and best practices for a rapidly growing technology/SaaS company.  

The Technology Internal Audit Manager - Cybersecurity will help build out the audit function at Samsara, including leading cybersecurity and technology risk-related assessments, supporting IA’s SOX testing program for IT controls, and serving as a technology risk advisor to key business and engineering stakeholders. This includes providing independent and objective insights to help Samsara leadership better manage emerging technology and cybersecurity risks as the company scales.

You should apply if:

• You want to impact the industries that run our world: Your efforts will result in real-world impact—helping to keep the lights on, get food into grocery stores, reduce emissions, and most importantly, ensure workers return home safely.
• You are the architect of your own career: If you put in the work, this role won’t be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development, countless opportunities to experiment and master your craft in a hyper growth environment.
• You’re energized by our opportunity: The vision we have to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers.
• You want to be with the best: At Samsara, we win together, celebrate together and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best. 

Click here to learn about what we value at Samsara. 

• Build relationships across the business, including BizTech (IT & Cybersecurity), R&D/Product Engineering, and Legal (Risk, Compliance, & Data Privacy) teams to understand key risks, controls, and gaps/improvement areas to inform IA’s audit plan
• Develop and execute internal audit programs that provide effective coverage over relevant technology and cybersecurity risks and controls (e.g. enterprise security, IT strategy & operations, IT governance & compliance, secure SDL)
• Manage the execution of technology risk-focused IA projects, including identification of observations, communication to key stakeholders, and formal reporting of results to IA leadership and senior management
• Represent Internal Audit as a subject matter cybersecurity expert and trusted advisor to stakeholders on key technology risk focus areas including security (information, cyber, product/SaaS engineering), IT infrastructure and operations, and data privacy
• Coordinate and oversee activities of the IA SOX testing outsource partner and manage their delivery schedule including quality review their IT control testing workpapers
• Drive improvements in processes supporting SOX compliance, including implementing best practices, improving documentation, and driving consistency across the business
• Champion, role model, and embed Samsara’s cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices

Minimum requirements for the role:

• Experience performing technology risk-relevant work in the tech industry (SaaS preferred) in an internal role or via Big 4/professional services/consulting
• 5+ years of relevant IT audit, cybersecurity risk/compliance experience (e.g. internal audits, SOC, ISO, NIST, GDPR, SOX, etc) or experience in a related security role (e.g. security engineering/operations, software/product engineering, etc)
• Working experience leading/executing technology risk-related security assessments and/or advisory engagements, including delivery of results to management and monitoring progress/completion of management action plans
• Strong verbal and written communication skills, with the ability to effectively communicate to senior executives
• Strong project management skills with the ability to juggle multiple work efforts, be agile and adapt quickly to changing needs

An ideal candidate also has:

• Relevant professional certification(s) such as CISA, CISSP, CISM or other cybersecurity related certifications
• Experience partnering with product engineering teams/R&D (agile/DevOps)
• A bachelor’s degree or equivalent in relevant fields of study - Information Systems, Computer Science, Engineering/Technology or other related fields is desirable