Sr. IT Audit Manager

*Job Req ID: 27870
About Supermicro*
Supermicro is a Top Tier provider of advanced server, storage, and networking solutions for Data Center, Cloud Computing, Enterprise IT, Hadoop/ Big Data, Hyperscale, HPC and IoT/Embedded customers worldwide. We are the #5 fastest growing company among the Silicon Valley Top 50 technology firms. Our unprecedented global expansion has provided us with the opportunity to offer a large number of new positions to the technology community. We seek talented, passionate, and committed engineers, technologists, and business leaders to join us.

Job Summary
Supermicro is seeking a highly skilled and experienced Sr. IT Audit Manager to lead and execute comprehensive IT audit strategies. In this role, you will ensure that audits align with organizational goals, risk priorities, and regulatory requirements. You will oversee the development and execution of IT audit plans, lead risk assessments of IT systems, and evaluate the design and effectiveness of IT controls. Your expertise will be crucial in ensuring compliance with industry regulations such as SOX, GDPR, and NIST, as well as identifying opportunities to improve IT processes and controls. You will be responsible for managing audit engagements, performing tests, documenting findings, and presenting clear and concise audit reports to management. As a leader, you will guide audit team members, foster a collaborative environment, and stay updated on emerging technologies and security threats to maintain effective audit practices.

Essential Duties And Responsibilities

• Lead the development and execution of IT audit strategies, ensuring alignment with organizational goals, risk priorities, and regulatory requirements.
• Develop and execute comprehensive IT audit plans based on identified risks and regulatory requirements. Including obtaining background information on the business function being audited, performing a risk and control assessment, defining the audit scope and objectives and engagement with stakeholders
• Lead and Conduct thorough risk assessments of IT systems and processes to identify vulnerabilities and potential areas of concern.
• Evaluate the design and effectiveness of IT controls to mitigate risks and ensure operational efficiency.
• Perform various audit tests, including walkthroughs, interviews, data analysis, and penetration testing (if applicable).
• Document audit workpapers, findings, and recommendations in accordance with professional standards.
• Ensure IT systems and processes comply with relevant regulations, standards (e.g., SOX, GDPR, NIST), and internal policies.
• Evaluate the security posture of IT systems, including identity and access management, data security, network security, Cyber security, and vulnerability management.
• Coordinate, drive and deliver simultaneous reviews in a timely, efficient and cost effective manner without compromising quality of delivery
• Identify opportunities for improvement in IT processes and controls, and provide recommendations to management in a scheduled manner.
• Prepare and present clear and concise audit reports to management, highlighting key findings, risks, and recommendations.
• Effectively communicate and collaborate with various stakeholders, including IT professionals, business leaders, and external auditors.
• Track and follow up on the implementation of audit recommendations to ensure timely remediation of identified issues.
• Conduct risk assessments related to emerging technologies, including cloud computing, big data, AI, and blockchain.
• Foster a collaborative work environment and ensure the team's adherence to auditing standards and best practices.
• Lead audit team members in the preparation of work papers and other deliverables, ensuring the quality and accuracy of audit findings
• Stay abreast of emerging technologies, security threats, and regulatory changes to ensure audit practices remain current and effective.

Qualifications

• A big4 experience in managing client delivery.
• Minimum Bachelor's degree. Concentration in Information Security, Risk Management, Business, Finance, or a related field is a plus
• 12+ years of relevant experience in IT and operational internal audit, public accounting, and/or Sarbanes-Oxley ; risk consulting or internal control functions (e.g. internal audit, compliance, fraud mitigation, etc.)
• Experience in auditing SAP Hana
• Ability to link business strategy to key processes and controls and understand risk implications and IT impacts;
• Ability to assess the design and control effectiveness of key systems;
• Ability to assess programs and projects, including governance and solution designs;
• Have visibility of and understand the IT Roadmap and engage with Management on future developments;
• Understanding of best practice IT program management requirements;
• Demonstrated experience establishing regular and collaborative engagement across the organization with key risk stakeholders to drive risk awareness and transparency
• Demonstrated experience in conflict resolution and in a role where differing points of view are common, including between yourself and more senior members of the organization
• Knowledge of compliance standards, privacy laws and financial regulations (Sarbanes Oxley, SOC 1 (SSAE 18), SOC 2/3 (Trust Services Principles), NIST, COBIT, GDPR, etc.)) preferred
• Process improvement, advisory and continuous learning mindset
• Experience with GRC tool such as Diligence Platform, Audit Board
• Professional Risk Management certifications a plus
• Risk management experience in a complex institution and/or highly matrixed environment a plus
• Must be detail-oriented and self-motivated, and able to work independently.
• Effective project or program management skills to plan, monitor and execute various initiatives.
• Demonstrate excellent English verbal communication and technical writing.
• Advanced level in Excel and Power Point

*Salary Range*
150,000-178,000

The salary offered will depend on several factors, including your location, level, education, training, specific skills, years of experience, and comparison to other employees already in this role. In addition to a comprehensive benefits package, candidates may be eligible for other forms of compensation, such as participation in bonus and equity award programs.

*EEO Statement*
Supermicro is an Equal Opportunity Employer and embraces diversity in our employee population. It is the policy of Supermicro to provide equal opportunity to all qualified applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or special disabled veteran, marital status, pregnancy, genetic information, or any other legally protected status.