The IT Internal Audit Manager will serve as the primary contact point for all IT related SOX and audit matters including internal consultants and external auditors. You'll be heavily involved with managing the IT SOX program, review of ITGC testing and coordination of audit requests with the IT organization. Additionally, you will be identifying opportunities for improvement across the organization and developing audit plans to address and report on the associated risks.
This position is a unique blend of business partnering, process improvement, and management reporting that offers you a great opportunity to make a direct and immediate impact, coupled with a significant opportunity to grow and expand your scope of responsibilities as the Internal Audit function scales to support Rapid7's high growth business. The position will ideally be based in Boston at Rapid7 Global headquarters but could be remote or based out of one of our
satellite offices for the right candidate.
● Manage IT SOX compliance program including internal consultant test plan, control test
review and reporting
● Perform IT risk assessment and system scoping
● Assess key risks and controls; and design innovative and appropriate broad based
coverage across in-scope systems, exhibiting exceptional judgment regarding issue
identification, issuing draft findings to business partner management, and drafting and
issuing final audit reports.
● Work with business owners to improve operational efficiency and compliance efforts
● Align with external auditors on ITGC test approach and reliance
● Identify opportunities for process improvement across the IT organization and coordinate
with Finance teams for cross functional projects
● Assist Internal Audit department lead develop and manage the audit plan, scheduling
resources, and other duties as assigned.
● Consult on key management projects including Access and Vendor Management programs
● Participate in robotic process automation project including identification and design of
business processes to automate
● Demonstrates professional skepticism; present audit results in an objective manner
● 3-5 years of IT audit experience including IT risk management
● Bachelor's degree in Information Technology or related major is required
● CISA certification required
● Proficiency in Microsoft Excel
● AuditBoard and Enterprise GRC/ERP tools experience a plus
● Demonstrated competency in IT audit including SOX and SOC regulations
● Motivated with a strong desire to succeed, both individually and as part of a team
● Strong self-awareness and interpersonal skills, able to build meaningful relationships at all
levels of the organization
● Knowledge of information security management frameworks (e.g. ISO 27001, COBIT, ITIL,
NIST, Cybersecurity Framework)