What Your Responsibilities Will Be
- Support the build-out of technical SOX controls, working with Security, engineering, finance and IT to document and test controls across key systems.
- Assist in technology risk assessments to identify gaps against IPO-readiness benchmarks.
- Help drive IT General Controls implementation, application controls and report testing, coordinating with internal teams and external auditors.
- Work with cross-functional teams to develop process flows, SOPs, and runbooks for key controls.
- Partner with all stakeholder teams to track control ownership, remediation efforts, and evidence collection.
- Coordinate the documentation and migration of control information into Avalara's GRC platform.
- Proactively engage on multiple simultaneous projects with internal and external stakeholders to support strategic security and compliance objectives.
- Assist with the performance of ad hoc risk and compliance assessments as needed.
What You'll Need to be Successful
- Bachelor's degree in Information Technology, Computer Science, or equivalent experience.
- 5+ years of experience in IT Audit, IT Security, or IT Risk Management.
- Proven experience conducting systemic risk analysis in complex technical environments, including reviewing application design and architecture.
- Familiarity with standards and frameworks such as ISO 27001, SOC 1, SOC 2, SOX, NIST, etc.
- Strong understanding of application security principles, including the ability to assess risk through code and design review processes.
- Deep knowledge of technical controls, including their design, implementation, and effectiveness.
- Experience working with business continuity, disaster recovery, vendor risk management, data privacy, and regulatory compliance.
- Skilled in identifying business risks and evaluating trade-offs between technical and business objectives.
- Experience with risk management platforms (e.g., ServiceNow GRC) is a plus.
- Highly self-motivated, proactive, and capable of managing concurrent priorities with minimal supervision.
- Strong organizational, planning, verbal, and written communication skills.