Director, IT Audit

GitLab is an open core software company that develops the most comprehensive AI-powered DevSecOps Platform, used by more than 100,000 organizations. Our mission is to enable everyone to contribute to and co-create the software that powers our world. When everyone can contribute, consumers become contributors, significantly accelerating the rate of human progress. This mission is integral to our culture, influencing how we hire, build products, and lead our industry. We make this possible at GitLab by running our operations on our product and staying aligned with our values. Learn more about Life at GitLab.

This role is 100% remote and will be based in the US or Canada.

An overview of this role

As the Director of IT Audit, you will be responsible for the development and execution of a global risk-based technology focused internal audit strategy, IT audit, and SOX ITGC plans in support of Internal Audit Department requirements. The position additionally will support in development and execution of the Internal Audit strategic plan and roadmap to build the next generation Audit function.

The Director, IT Audit reports to the Vice-President, Internal Audit.

What You’ll Do

• Develop and execute a global risk-based technology focused internal audit strategy and audit plan
• Monitor and report on IT internal audit strategic initiatives and IT audit plan project status
• Oversee the SOX ITGC planning, scoping, testing, deficiency assessment and mitigation plans
• Design, implement and update global IT internal audit policies, standards and practices
• Lead and drive next generation technology reviews and drive adoption for Internal Audit maturity
• Continuously improve internal audit processes, quality of internal audit results and internal audit efficiency
• Hire, mentor, train, supervise and evaluate IT internal audit team members
• Manage activities conducted by IT audit co-source partners
• Develop and maintain strong relationships with industry peers, external auditors and co-source partners
• Develop and maintain strong relationships with the stakeholders across the first and second line to improve SOX ITGCs and address other technology and security risks
• Maintain proficiency and competence in IT audit trends, developments and audit techniques through professional development
• Develop and approve internal audit project objectives, scope and procedures, and present findings and report risk levels to senior management
• Oversee periodic follow-up on significant audit findings and recommendations to evaluate the adequacy of corrective actions
• Develop and manage the IT audit budget, monitoring actual expense incurred compared to budget
• Operate in conformance with the Institute of Internal Auditors International Professional Practices Framework (IPPF)
• Lead/participate in internal audit department non-audit or special projects related to strategic goals or other Company initiatives.

What You’ll Bring

• Undergraduate degree in engineering or business
• 12+ years of combined professional experience in IT audit, security, risk, controls or information technology
• Strong SOX ITGC hands-on testing and managing experience
• Ability to lead and execute complex technology reviews
• Hands on experience implementing data analytics and next generation technologies
• Excellent communication skills – written and oral
• Project management experience including overseeing multiple projects simultaneously
• Problem solving and client service skills
• Strong understanding and appreciation of information technology (e.g., application development, cloud, network infrastructure, vulnerability management, cybersecurity, database and server security, access control, etc.)
• Experience in influencing, persuading, and making pitches to senior leadership
• Leadership qualities, including experience managing a team
• Ability to work in US time zones mainly Pacific time zone
• Experience in the software industry is highly preferred.
• Professional certifications like CISA, CISSP, CISM or similar preferred
• Ability to use GitLab

How GitLab will support you

• Benefits to support your health, finances, and well-being
• All remote,asynchronous work environment
• Flexible Paid Time Off
• Team Member Resource Groups
• Equity Compensation & Employee Stock Purchase Plan
• Growth and development budget
• Parental leave
• Home office support

The base salary range for this role’s listed level is currently for residents of listed locations only. Grade level and salary ranges are determined through interviews and a review of education, experience, knowledge, skills, abilities of the applicant, equity with other team members, and alignment with market data. See more information on our benefits and equity. Sales roles are also eligible for incentive pay targeted at up to 100% of the offered base salary.

California/Colorado/Hawaii/New Jersey/New York/Washington/DC pay range$176,000—$330,000 USD

Country Hiring Guidelines: GitLab hires new team members in countries around the world. All of our roles are remote, however some roles may carry specific location-based eligibility requirements. Our Talent Acquisition team can help answer any questions about location after starting the recruiting process.

Privacy Policy: Please review our Recruitment Privacy Policy. Your privacy is important to us.

GitLab is proud to be an equal opportunity workplace and is an affirmative action employer. GitLab’s policies and practices relating to recruitment, employment, career development and advancement, promotion, and retirement are based solely on merit, regardless of race, color, religion, ancestry, sex (including pregnancy, lactation, sexual orientation, gender identity, or gender expression), national origin, age, citizenship, marital status, mental or physical disability, genetic information (including family medical history), discharge status from the military, protected veteran status (which includes disabled veterans, recently separated veterans, active duty wartime or campaign badge veterans, and Armed Forces service medal veterans), or any other basis protected by law. GitLab will not tolerate discrimination or harassment based on any of these characteristics. See also GitLab’s EEO Policy and EEO is the Law. If you have a disability or special need that requires accommodation, please let us know during the recruiting process.