ITGC Compliance Manager at Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange is the company’s cloud-native platform that protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.
With more than 10 years of experience developing, operating, and scaling the cloud, Zscaler serves thousands of enterprise customers around the world, including 450 of the Forbes Global 2000 organizations. In addition to protecting customers from damaging threats, such as ransomware and data exfiltration, it helps them slash costs, reduce complexity, and improve the user experience by eliminating stacks of latency-creating gateway appliances.
Zscaler was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. Zscaler’s purpose-built security platform puts a company’s defenses and controls where the connections occur—the internet—so that every connection is fast and secure, no matter how or where users connect or where their applications and workloads reside.
Job Description
Position: ITGC Compliance Manager
Location: Remote within United States
The SOX and ITGC Compliance Manager will have primary responsibility for ensuring the effectiveness of all IT General Controls (ITGCs) and application controls related to Business Technology. The manager will act as the primary point of contact between IT and internal/external auditors, providing leadership in managing audit activities and requests and in developing responses to audit findings that lead to their remediation. The role will also work closely with accounting business partners to ensure that SOX controls that involve business systems are implemented and operating effectively.
• Sound understanding of security and control principles including logical access controls, change control, least privilege, segregation of duties, computer operations, network security, vulnerability management, and secure coding
• Broad technical understanding of data management platforms (e.g., SAP, PeopleSoft, Oracle, Microsoft SQL Server, etc.) and associated data security controls
• Strong technology acumen and the ability to assess data privacy gaps in products/services design
Responsibilities/What you will be doing:
• Provide quality assurance of all IT General Controls through assessment, walkthroughs, and audits to ensure operational effectiveness of those controls.
• Monitor the control environment and ensure that controls are operational and in line with established policies, procedures, and controls methodology
• Identify risks and gaps and facilitate remediation to address observations raised in internal and external audits
• Provide risk metrics to management regarding audit performance and findings
• Assist control owners with root cause analysis and track risk management action plan progress
• Guide efforts to create common control framework and uniform compliance reporting standard
• Stay up to date on changes to systems and applications and provide guidance on related controls
• Performing examination of IT General controls and application controls to determine design and operational effectiveness
• Conducting IT controls management testing of controls independent of the audit schedule to save time during audits
• Identifying and tracking assessment/audits using performance metrics
• Implementing and supervising the issue tracking and resolution process
• Reviewing the audit assessments conducted by both internal and external audit teams
• Collaborating with both internal and external auditors
• Reviewing third-party vendor attestation and audit reports, and providing feedback to business leaders and risk owners
• Provide relevant awareness training to control owners
What you should have
• Bachelor's Degree in Business, Accounting, Information Technology, or other quantitative discipline
• 10+ years of broad compliance or legal experience
• 5+ years of audit/assessment experience with SOX
• Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x, ITIL, CSC20, COBIT, CIS Controls and National Institute of Standards and Technology (NIST) frameworks
• Experience with project management best practices
• Certified Information Security Auditor (CISA)
• PMI Project Management Professional (PMP)
• Experience in working with SOX, ICFR and internal control design and operations from a Finance and Business Technology perspective
• Familiarity with common enterprise and web application technologies
• Strong analytical and time management skills
• Ability to maintain a high degree of confidentiality
All your information will be kept confidential according to EEO guidelines.
What You Can Expect From Us:
- An environment where you will be working on cutting edge technologies and architectures
- A fun, passionate and collaborative workplace
- Competitive salary and benefits, including equity
People who excel at Zscaler are smart, motivated and share our values. Ask yourself: Do you want to team with the best talent in the industry? Do you want to work on disruptive technology? Do you thrive in a fluid work environment? Do you appreciate a company culture that enables individual and group success and celebrates achievement? If you said yes, we’d love to talk to you about joining our award-winning team.
Additional information about Zscaler (NASDAQ: ZS) is available at https://www.zscaler.com.
Zscaler is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.