Senior Manager, Technology Internal Audit

Palo Alto
12 Jun 2018
16 Jun 2018
Job role
Contract type
Full time
As the Senior Manager – Technology Internal Audit, you will be part of a high–energy team, passionate about delivering technology audit assurance and risk consulting services that align with the dynamic environment of VMware.You will be leading projects of Cloud and Cyber Security, our new SaaS offerings and operational risk, and application environments that centers on the SAP platform with SaaS and on premise virtualized environments. These activities may include risk assessments, product readiness and security assessments, architecture and application reviews, controls evaluation, and communication to internal partners. You will need to liaise and work closely with the R&D Products Business Units, IT, Information Security and other support teams to ensure their activities are strategically aligned with VMware's business objectives and support the achievement of the VMware's vision, mission and values.We are looking for a team member who is passionate about Technology Risk, has a good combination of interpersonal and technical skills, and proven Technology audit experience.Role:You will:
Lead, plan, scope, execute and deliver a wide variety of audit and advisory assignments in the technology risk assurance and advisory space (including product security / readiness, compliance and operational)
Stay informed and abreast of technical updates and news related to IT and security as relevant to VMware; and be the domain expert in these areas for the Internal Audit team
Execute risk, vulnerability, maturity and readiness assessments in IT infrastructure, operations, cloud and security areas
Assess management's risk prioritization, risk mitigation initiatives and evaluate the design and operational effectiveness of IT general controls and application controls (security, compliance and operational), as part of integrated operational and security audits
Evaluate risks associated with new product readiness, system implementations, configuration management, maintaining security protocols and user access management
Connect the dots between IT operational risk and broader product and security risk, providing management with risk insights, observations and recommendations
Actively manage workload and can work independently and alongside a multi–functional and geo–dispersed team
Lead and/or support internal initiatives (tools, people, training, recruiting, methodology)
Skills and Competencies Required:
Hands–on manager with relevant technical and auditing skills to review and assess vulnerabilities and risks at different architectural layers within software applications and systems, including software development and product security
Ability to lead and influence people, communicate highly technical issues to non–technical / executive audiences succinctly along with the demonstrated ability to clearly articulate to IT and Business partners alike
Ability to balance projects and to communicate project status and issues as well as clearly articulate risks at all organizational levels
Openness to receiving and providing constructive feedback and focused on continuous improvement through incorporating feedback provided into measurable action
Ability to collaborate within teams, build and sustain relationships with business partners and team members
Agile and participative teammate within a dynamic team environment
Experience & Education Expected:
Hands on experience with security risk assessments, IT operational audits and maturity / readiness risk reviews to deliver against the job responsibilities noted above, required
Experience and working knowledge of risks relevant to the Software and Cloud Service Provider Industry would be a plus
Bachelors with 10+ (or Masters with 7+) years of relevant experience
Working knowledge / hands–on experience with controls in VMware products and SaaS offerings (e.g., ESXi, NSX, VSAN, AirWatch, and etc.) and SAP ERP is a plus
Professional certification is a plus (CISSP, CISM, CISA, CRISC, CompTIA Security+, GSEC)
Equal Employment Opportunity Statement VMware is an Equal Opportunity Employer committed to providing employees with a work environment free of discrimination and harassment. All employment decisions are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, age, physical, mental or sensory disability, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, HIV status, family medical history or genetic information, family or parental status including pregnancy, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics.Copyright ?? 2016 VMware, Inc. All rights reserved.