We are excited to be recruiting for a Senior Manager (Head of) Technology Audit and Risk Advisory for leading genetics technology company with a simple mission: to improve the quality of healthcare for billions of people. This San Francisco-based company has made game-changing progress in the field of genetic testing, both in terms of utilization and accessibility. The company has been growing a dramatic clip, with 45% revenue growth YOY and the stock price has increased 4X over the past year. They are also in acquisition mode (making several key acquisitions over the past year. Post-COVID-19, this position can be based in: San Francisco, Boulder (Co), Seattle, or Anaheim (Ca).
The Senior Manager Technology Audit and Risk Advisory will report to the Chief Audit Executive and will play a major role in helping built IT Governance maturity for this young and rapidly growing organization. You will be responsible or assessing an evolving Cloud-focuses application architecture, identifying critical risks and areas for improvement. You will initially focus on making sure the organization is prepared to comply with various standards (SOX, FDA, HIPPA and HITRUST), including working to rationalize the IT SOX program. You will also play a major role in developing relationships with key Technology and Development teams, to help them assess risks in their highly dynamic environments.
An ideal candidate would be one with solid grasp of leading-edge Cloud-based technology environments and architectures (i.e. AWS, Oracle Cloud, Okta, Splunk, GitHub, Kubernetes, Docker). You will have evolved beyond the check-list to be able to sort out complex environments, to effectively discern levels of risk, and to be able to communicate those ideas effectively to the business. You will have excellent organizational skills, and to be able to prioritize. You are the type of person who thrives working in a fast-paced environment and you are able to deal with ambiguity. You are a self-starter, who looks at challenges as an opportunity for solutions, and you care more about team goals than personal glory.
What makes this opportunity special:
- A company with a clear mission to improve heath outcomes for billions of people
- Astounding growth: 60% growth in in test volume; 45% growth in revenue YOY
- High visibility and impact: You will have an opportunity to build relationships throughout the organization and to function on critical processes to enable successful growth of the company
- Unique bottom-up team-oriented culture
- Excellent parental leave, flexible vacation and working hours, commuter benefits, and more
What would make you a great fit:
- 6+ years progressive experience in Technology Audit, IT Risk, or Information Security
- CISA, CISSP, CRISC, CIA, or other relevant certification is preferred
- Very solid understanding of leading-edge Cloud-based technology environments and tools (i.e. AWS, Oracle Cloud, Risk Management Cloud (RMC), Okta, Splunk, GitHub, Kubernetes, and Docker), highly preferred
- Experience and familiarity with key risk/compliance standards/frameworks: SOX, HIPPA, HITRUST, FDA
- Solid grasp of IT Risk and Controls concepts and Technology Audit processes and standards
- Experience working effectively with business partners to understand and redesign process, and effective controls
- Experience rationalizing IT SOX program, a plus
- Knowledge of ERP Controls knowledge; knowledge of Oracle Cloud a plus
- Must be self-starter, able to work without heavy supervision
- Ability to work in flexible and non-traditional culture and environment; must be strong team-player and collaborator
- Big 4 experience and/or experience working with external auditors, a plus
- Ability to see the big picture, and to discern risk from distraction
- Ability to manage co-sourced resources and eventually direct reports
- Inquisitive thinker, able to connect information, to challenge the status quo, and to find innovative solutions
- Collaborative personality, good at building consensus
PLEASE NOTE: this IS NOT a fully remote position post-Covid. Please don’t apply if you are not currently located in (or open to relocate to) one of the locations listed above.