Sr. IT Audit Manager

Supermicro® is a Top Tier provider of advanced server, storage, and networking solutions for Data Center, Cloud Computing, Enterprise IT, Hadoop/ Big Data, Hyperscale, HPC and IoT/Embedded customers worldwide. We are the #5 fastest growing company among the Silicon Valley Top 50 technology firms. Our unprecedented global expansion has provided us with the opportunity to offer a large number of new positions to the technology community. We seek talented, passionate, and committed engineers, technologists, and business leaders to join us.

• Lead the development and execution of IT audit strategies, ensuring alignment with organizational goals, risk priorities, and regulatory requirements.
• Develop and execute comprehensive IT audit plans based on identified risks and regulatory requirements. Including obtaining background information on the business function being audited, performing a risk and control assessment, defining the audit scope and objectives and engagement with stakeholders
• Lead and Conduct thorough risk assessments of IT systems and processes to identify vulnerabilities and potential areas of concern.
• Evaluate the design and effectiveness of IT controls to mitigate risks and ensure operational efficiency.
• Perform various audit tests, including walkthroughs, interviews, data analysis, and penetration testing (if applicable).
• Document audit workpapers, findings, and recommendations in accordance with professional standards.
• Ensure IT systems and processes comply with relevant regulations, standards (e.g., SOX, GDPR, NIST), and internal policies.
• Evaluate the security posture of IT systems, including identity and access management, data security, network security, Cyber security, and vulnerability management.
• Coordinate, drive and deliver simultaneous reviews in a timely, efficient and cost effective manner without compromising quality of delivery
• Identify opportunities for improvement in IT processes and controls, and provide recommendations to management in a scheduled manner.
• Prepare and present clear and concise audit reports to management, highlighting key findings, risks, and recommendations.
• Effectively communicate and collaborate with various stakeholders, including IT professionals, business leaders, and external auditors.
• Track and follow up on the implementation of audit recommendations to ensure timely remediation of identified issues.
• Conduct risk assessments related to emerging technologies, including cloud computing, big data, AI, and blockchain.
• Foster a collaborative work environment and ensure the team’s adherence to auditing standards and best practices.
• Lead audit team members in the preparation of work papers and other deliverables, ensuring the quality and accuracy of audit findings
• Stay abreast of emerging technologies, security threats, and regulatory changes to ensure audit practices remain current and effective.

• A big4 experience in managing client delivery.
• Minimum Bachelor's degree. Concentration in Information Security, Risk Management, Business, Finance, or a related field is a plus
• 12 years of relevant experience in IT and operational internal audit, public accounting, and/or Sarbanes-Oxley ; risk consulting or internal control functions (e.g. internal audit, compliance, fraud mitigation, etc.)
• Experience in auditing SAP Hana
• Ability to link business strategy to key processes and controls and understand risk implications and IT impacts;
• Ability to assess the design and control effectiveness of key systems;
• Ability to assess programs and projects, including governance and solution designs;
• Have visibility of and understand the IT Roadmap and engage with Management on future developments;
• Understanding of best practice IT program management requirements;
• Demonstrated experience establishing regular and collaborative engagement across the organization with key risk stakeholders to drive risk awareness and transparency
• Demonstrated experience in conflict resolution and in a role where differing points of view are common, including between yourself and more senior members of the organization
• Knowledge of compliance standards, privacy laws and financial regulations (Sarbanes Oxley, SOC 1 (SSAE 18), SOC 2/3 (Trust Services Principles), NIST, COBIT, GDPR, etc.)) preferred
• Process improvement, advisory and continuous learning mindset
• Experience with GRC tool such as Diligence Platform, Audit Board
• Professional Risk Management certifications a plus
• Risk management experience in a complex institution and/or highly matrixed environment a plus
• Must be detail-oriented and self-motivated, and able to work independently.
• Effective project or program management skills to plan, monitor and execute various initiatives.
• Demonstrate excellent English verbal communication and technical writing.
• Advanced level in Excel and Power Point