Associate Internal Audit

Job Description

Responsibilities: Evaluate the design and operational effectiveness of key operational, cybersecurity and related controls used at Okta Ensure adherence to SOX, COSO, NIST and other relevant frameworks Assess risks, design audit programs, execute fieldwork, complete walkthroughs, test controls and document workpapers (in a manner that aligns to our department methodology), and document findings with clear evidence to support audit conclusions Exercise judgment regarding planning, risk assessments,and completion of objectives on complex projects Utilize data analytics tools to assess the effectiveness of controls and identify areas for improvement Effectively partner with cross functional stakeholders to gain stakeholder agreement on root causes of issues and appropriate corrective actions and ensure completion of remediation activities agreed upon during audit projects, while maintaining positive client relationships Participate in providing risk-based consulting to assist management during the development of business process improvements or the implementation of new systems Assist in the planning, execution, and reporting of SOX 404 testing, including control walkthroughs, testing key controls, and evaluating deficiencies Work cross-functionally with process owners to assess control design, identify gaps, and recommend process improvements Create and maintain documentation over how key SOX reports are generated and validated Assist in SOC 1 and SOC 2 reviews, ensuring compliance with regulatory and industry standards Support audit readiness for external auditors, coordinating audit requests and documentation Develop and maintain strong relationships with key stakeholders across the organization to facilitate effective communication and collaboration Ad hoc projects and requests, as needed Required Qualifications: Bachelor s degree in business, accounting, computer science, information systems, STEM (Science, Technology, Engineering and Math) or related major Experience in internal audit with a focus on financial, operational, and technology risk Strong understanding of SOX 404, COSO framework, US GAAP, and risk assessment methodologies Knowledge of IT systems including infrastructure, cybersecurity, and familiarity with IT governance frameworks and experience using industry standards/framework such as NIST CSF, COSO and COBIT Experience in completing control walkthroughs, testing, and evaluating key business and IT controls Understanding of IT general controls including cybersecurity, SDLC, access and change management, logging and monitoring, disaster recovery, and cloud computing Analytical and critical thinking proficiency in analyzing complex data and extracting meaningful insights Ability to effectively discuss audit findings and develop impactful solutions with business partners, focusing on right-sized solutions given the size and complexity of the organization Ability to identify root causes of issues and recommend appropriate remediation and safeguards Excellent analytical, organizational, and written/verbal communication skills Strong English language proficiency (verbal and written) Position is eligible to be partially remote, so communication, collaboration, and organization are key to your success Solutions oriented, with a willingness to roll up your sleeves to get it done Ability and desire to work hands on in an evolving, fast-paced environment Be flexible with supporting PST time zones Preferred Qualifications: Certifications such as CPA, CIA, or CISA, CISM, CISSP, CEH, Security + or CISA are highly desirable Experience with data analytics platforms and tools Auditboard experience is an added advantage Experience with cloud-based or software as a service (SaaS) companies is a plus Big 4 or similar auditing experience is desirable