Information Security Advisor, Sox ITGC
New York, Boston, Remote-US
Applications have closed
About Datadog:
We're on a mission to build the best platform in the world for engineers to understand and scale their systems, applications, and teams. We operate at high scale—trillions of data points per day—providing always-on alerting, metrics visualization, logs, and application tracing for tens of thousands of companies. Our engineering culture values pragmatism, honesty, and simplicity to solve hard problems the right way.
The team:
Datadog’s Information Security and Compliance (Infosec-GRC) department supports Datadog’s business by overseeing all aspects of IT-related compliance and working with engineers to meet regulatory requirements, by leading ongoing compliance activities, and by using technology to streamline compliance efficiency across the company.
The opportunity:
As a Program Lead, you will lead and contribute to Datadog’s efforts to maintain ITGC SOX-404. We are looking for someone with experience auditing and working within technology companies that are fast-paced, cloud native, and leverage a broad range of technologies to get the job done. This position will own the company’s ITGC SOX-404 compliance program, working across our global organization to identify technology risks and managing regulatory impact on the organization. You will participate in assurance and advisory projects within areas such as sales & operations, enterprise IT, data infrastructure, finance, financial systems, revenue engineering, and the technology platform. You will partner with Datadog’s Internal Audit Manager to deliver a comprehensive Internal Audit program.
You will:
- Lead the annual SOX 404 ITGC statement mapping, risk assessment and scoping process identifying significant business units, in-scope applications and services, and critical processes ensuring an adequate scope and testing of Datadog’s SOX-404 ITGC RCM statements.
- Co-lead and oversee ITGC SOX compliance and IT internal audits in accordance with standards.
- Act as the “go-to” person for ITGC internal controls within the organization and provide a reliable and insightful resource for implementing controls within a business process in an efficient and effective manner.
- Critically evaluate the current set of in scope controls and recommend ways to rationalize and optimize controls through automation.
- Partner with Datadog’s Internal Audit Manager to efficiently produce annual internal audit deliverables.
- Coordinate with business owners to ensure controls are being properly designed and continuously compliant through business and organization changes.
- Manage consultants and service providers, when applicable. Lead scoping and reporting with service providers.
- Consult on new business initiatives, system implementations, ITGC policy changes and assess the impact of changes on internal controls
- Liaise with external auditors and proactively partner with Datadog’s Internal Audit team to ensure reliability of testing
- Leverage your controls knowledge and audit experience to support, in a backup capacity, other regulatory frameworks (ISO, PCI, HIPAA)
Requirements:
- BS/BA degree or equivalent experience (Preferred certifications: CISSP, CIA or CISA)
- 8+ years of experience including IT General Controls, internal audit and direct experience in SOX-404 audit experience
- Must possess strong auditing skills with experience in auditing public companies, and ensuring compliance with Sarbanes-Oxley Act, Section 404 and the Public Company Oversight Board (PCAOB) Standards
- Knowledge of external auditor requirements and reporting
- Strong written and verbal communication skills
- Demonstrated cross-functional people and process management skills
- You value correctness and efficiency; you leave no stone unturned when reviewing documentation and evidence
- You want to work in a fast, high-growth environment
Bonus points:
- “Big 4” audit experience.
- Certifications are not a strict requirement but are appreciated
- You’ve been through an IPO before and participated in the SOX program
- Familiarity with Amazon Web Services, Google Cloud Platform, or Azure
- Knowledge of and experience with the use of compliance reporting software
- You’ve used GRC tools and are generally adept at picking up new organizational tools like Trello, Google Docs, and Github
#LI-Remote
Equal Opportunity at Datadog:
Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
Your Privacy:
Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.
Tags: Audits Automation Azure CIA CISA CISSP Cloud Compliance Finance GCP GitHub HIPAA Privacy Risk assessment
Perks/benefits: Salary bonus Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs