IT Audit Analyst

  • Credit Karma
  • San Francisco, CA, USA
  • Jul 03, 2018
Full time Accounting Compliance Risk

Job Description

As a member of the team, you’ll have the opportunity to advise on system implementations, product launches and other business initiatives. You will support compliance initiatives throughout a fast paced dynamic startup environment. You’ll collaborate regularly with the operations, security, and development teams to complete a variety of engaging projects that assess enterprise technology risk. If you are a self-starter, with an appetite to learn and play a vital role in the growth of our compliance team, then this role is for you.

What You'll Do:

  • Develop and maintain information security policies, procedures, standards and guidelines based on best practices and regulatory and legal compliance
  • Creates, manages and conducts workforce information security
  • Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, frameworks such as requirements to comply with SSAE 16 SOC I & II, ISO 27001, NIST/FedRamp etc.
  • Remediate internal controls related to IT, security, operations, and engineering
  • Work with internal stakeholders to complete internal audit requirements
  • Work with external auditors to assist in the completion of annual compliance audits
  • Assist with user access/identity management reviews from automated and manual systems
  • Performs other duties as assigned or necessitated by business, regulatory or emergency situations

What We Expect:

  • Bachelor's Degree required in Management Information Systems, Business or Accounting, or other related field
  • 2-3 years of professional experience in a technology risk or compliance related role
  • Big 4 experience preferred
  • 2+ years experience with one or more of the internal controls frameworks (PCI, NIST 800-53, DoD STIGs, SSAE 18 (SOC), ISO 27001, MS-SDL, SOX)
  • CPA, CISA, CISSP, or other related technology governance certifications a plus