Director, Cybersecurity Audit

Available Locations: Austin, TX About the department
The Internal Audit (IA) organization is responsible for delivering high-quality, objective and independent assurance over Cloudflare's key technology and cyber risks to the Audit Committee and Management consistent with Professional Standards. Reflecting the Company's core value of continuous improvement, the function is in the process of moving toward wider coverage of cybersecurity risks, exploring more efficient audit approaches and industry best practices where appropriate.
We are seeking a highly motivated, strategic, and solution-focused candidate to lead and support Cloudflare's technology and cybersecurity audit plan to evaluate the effectiveness of control and management of risk. The ideal candidate will bring a deep understanding of cybersecurity risks, technology experience, and best-in-class audit practices. This role will report to the Director, Cybersecurity and IT Audit within Internal Audit.
What you'll do

• Design, lead, and execute technology and cybersecurity audits, with oversight of the project and timelines.
• Identify opportunities to utilize data analytics, AI, and other innovative tools to improve audit insights and effectiveness.
• Incorporate your understanding of existing and emerging cyber threats into audits.
• Support the risk assessments to identify and prioritize areas for audit focus.
• Prepare clear, concise and high impact audit reports with actionable recommendations for improvements.
• Ensure audits are completed on time, within scope, and in accordance with professional and department standards.
• Communicate audit findings and recommendations to all levels of the company, including senior executives.
• Act as a trusted advisor to the business, providing insights and recommendations on risk management and control improvements.
• Identify opportunities to enhance the efficiency and effectiveness of internal audit processes and methodologies.
• Mentor and provide guidance to internal audit team members, fostering a culture of continuous learning and professional development.

Examples of desirable skills, knowledge and experience

• 10+years of experience in internal audit, risk management, or related field with at least 3 years in a leadership role.
• Strong understanding of technology and systems including on-prem and public cloud.
• Strong knowledge and proven track record in applying internal auditing and cybersecurity principles and practices, specifically audit methodologies, risk assessment, sampling techniques, and audit documentation.
• Excellent analytical, problem-solving, and decision-making skills.
• Exceptional written and verbal communication skills, with the ability to present complex information clearly and concisely.
• Proven ability to build and maintain effective working relationships with stakeholders at all levels.
• High level of integrity, professionalism, and attention to detail.
• Familiarity with data analytics, cybersecurity frameworks, and advanced auditing techniques.
• Professional certifications such as: CISA, CISSP, etc.