Full-Time Cybersecurity Internal Audit Manager

We are looking for an experienced Cybersecurity Audit Manager to join our Internal Audit function.

We have a tight team environment where support, loyalty, and honest feedback are the currency. ServiceNow employees are expected to be self-starting, proactive, and able to thrive in a fast-paced environment.

What you get to do in this role:

• Lead risk-based cybersecurity audits including performing risk assessments, process reviews, advisory services, and product engineering security reviews with minimal oversight
• Provide value-added insights and recommendations to improve the security posture and operational efficiency of our corporate and cloud environments, as well as our product
• Mentor and provide leadership to audit staff and interns
• Actively manage relationships with business partners and co-workers
• Serve as technical subject matter expert for cyber-focused areas (infrastructure, network security, secure development, vulnerability management, cloud computing, and the ServiceNow platform)

To be successful in this role you have:

• 6+ years of experience with a Bachelor’s degree in Computer Science, Management Information Systems, Cybersecurity, or related discipline; or related work experience
• 6+ Years work experience in technology audit, information security engineering, IT governance risk and compliance, or related areas, preferably within the technology industry.

Certifications: CISA, CISSP

Nice to have: Big 4 Experience

Exposure to a high growth and/or rapidly changing technology enterprise

Technical skills required:

• Solid understanding of cybersecurity processes and concepts (e.g. vulnerability management, security governance, software development, incident response, physical security, auditing and logging, micro segmentation, secure access service edges, zero trust architecture, SBOM, Secure Software Development Lifecycle, Insider Threat, Digital Supply Chain, Vendor Risk Management, PKI, penetration testing) as well as application controls and segregation of duties
• Advanced understanding of internal controls and the demonstrated ability to evaluate and determine the adequacy of control design and operating effectiveness
• Knowledge and experience with professional standards, including NIST 800-53, NIST Cybersecurity Framework, COBIT, ITIL
• Experience with SAP, Workday, Azure, AWS, Palo Alto Networks, zScaler, Illumio, Splunk, Python, ServiceNow (a plus)
• Experience in leading audits/assessments, performing risk assessments and system implementation reviews, as well as controls design reviews and testing in an international organization
• Exceptional skills in using Excel

Soft skills required:

• Excellent verbal, written, oral communication and presentation skills
• Outstanding critical thinking and analytical skills; ability to identify root cause of identified issues
• The ability to present audit issues to management in an easily digestible manner
• Ability to work both independently and as a team member
• Can prioritize and manage multiple tasks concurrently in an efficient and effective manner with minimal supervision

Compensation: $158,500 - $277,500 base pay, plus equity (when applicable), variable/incentive compensation and benefits. Compensation based on location.

What is the last date for applying to the job?

Which countries are accepted for this remote job?