ZipRecruiter
IT Audit Manager - GRC
ZipRecruiter, Beverly Hills, California, 90211
Job Description

Job Summary:
The IT Audit Manager will lead and manage the IT audit function, focusing on Governance, Risk, and Compliance (GRC) across the organization. This role requires a highly experienced individual with a deep understanding of GRC principles and a solid technical background. The IT Audit Manager will ensure that IT controls, policies, and procedures comply with industry standards and regulatory requirements while driving best practices in IT governance and risk management.

Key Responsibilities:
- Lead, plan, and execute IT audits with a focus on GRC.
- Develop and implement audit plans to assess the effectiveness of IT governance, risk management, and control processes.
- Evaluate IT risks and internal controls in alignment with industry standards and regulatory requirements.
- Oversee compliance with SOX, GDPR, HIPAA, and other relevant frameworks and regulations.
- Collaborate with stakeholders across IT, Finance, Compliance, and Legal to identify areas of improvement and recommend remediation plans.
- Manage and mentor junior auditors and audit staff, providing guidance and expertise in risk management, IT compliance, and control frameworks.
- Stay current with emerging IT risks, regulatory requirements, and industry trends.
- Provide regular updates and reports to senior leadership, highlighting key audit findings, risk exposures, and recommendations for mitigation.
- Assist in the implementation of IT governance frameworks and lead IT compliance initiatives.
- Coordinate with external auditors and regulatory bodies for assessments and audits.
- Ensure the effectiveness of IT policies, processes, and controls, driving continuous improvement in the organization's IT governance and risk posture.

Qualifications:
- Bachelor's degree in Information Systems, Computer Science, Accounting, or related field. A Master's degree is a plus.
- Minimum of 7-8 years of experience in IT audit, IT governance, or risk management.
- In-depth knowledge of IT governance frameworks such as COBIT, NIST, and ISO/IEC 27001.
- Strong experience with SOX compliance and other regulatory frameworks (GDPR, HIPAA, etc.).
- Proven experience in managing and executing risk-based IT audits and assessments.
- Excellent communication skills with the ability to interact effectively with senior management and stakeholders.
- Strong analytical and problem-solving skills with a keen attention to detail.

Certifications Required:
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)

Skills:
- Familiarity with GRC software platforms (e.g., Archer, MetricStream, or similar).
- Project management experience with an emphasis on IT audit and compliance initiatives.
- Strong leadership and team management capabilities.
- Proven ability to manage multiple projects simultaneously in a fast-paced environment.

What We Offer:
- Competitive salary and benefits package.
- Opportunity to work in a collaborative and forward-thinking environment.
- Professional development opportunities and ongoing training.
- Work-life balance and flexible working arrangements.