Manager, IT Internal Controls & Compliance
HuluSanta Monica, CA
Full Time Job
Hulu’s Internal Audit team is seeking an IT Compliance Manager who will be an exceptional addition to our team. The Compliance team is primarily responsible for managing the company-wide Compliance program, including but not limited to the Sarbanes-Oxley (SOX) Section 404 program. As an IT Compliance Manager, you will be working directly with the Senior Manager of Compliance and will be responsible for planning, coordinating and executing the company-wide IT SOX Compliance efforts and other special projects. If you are someone who loves working in a dynamic environment, has a passion for the streaming world, and enjoys understanding, evaluating, and improving IT and business processes, then this is a great role for you!
WHAT YOU'LL DO
• Provide technical and quality oversight regarding IT risks, controls and technologies, including ongoing risk assessments, risk decisions, control implementation, evaluation of segregation of duties, and process improvement opportunities
• Collaborate with Technology Compliance on IT Risk Management, IT Vendor Risk management, and the ongoing evaluation and updating of IT Policies, procedures, SOPs, flowcharts, data flow diagrams, and narratives.
• Facilitate the review of third-party SOC reports and partner with our Technology and Legal teams to ensure relevant third party service providers are aligned with SOX requirements
• Coordinate and manage the execution of internal audits and the needs of internal and external auditors, including planning and coordinating walkthroughs, and testing of IT general controls, application controls, and key system generated reports.
• Evaluate and ensure remediation of identified control deficiencies in a timely manner
• Review system implementations to assess risks and potential impact to the key SOX controls
• Assist in the preparation of executive presentations and participate in recurring SOX Steering Committee meetings
WHAT TO BRING
• Bachelor’s degree is required in a related field; information systems, computer science, business, finance or accounting preferred
• Minimum experience of five years in internal or external auditing, with emphasis on IT auditing, preferably with larger companies having complex IT environments or Big 4 accounting firm
• A detailed understanding of the general computer control areas and the IT governance framework (COBIT), Sarbanes Oxley, and the COSO framework
• Proven experience with evaluating security and controls on various on-premise and cloud-based technologies, including experience with performing
• Strong ability to understand, assess and prioritize risks across the components of the IT environment (application, operating system, and database)
• Solid communication skills, including a proven ability to articulate to others outside of Compliance (e.g. Controllership) complex IT risks, their impact, and the required action plans to address those risks
• One or more of the following professional certifications required: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professionals (CISSP); Certified Information Security Manager (CISM) or Certified Information Privacy Professional (CIPP)
• Media and technology industry experience
• Experience working with companies that have a heavy microservice architecture
• Experience with managing, implementing, and using audit and compliance management tools.