• 4-5+ years of technology audit and or technical product/program management experience ideally within an Internal Audit, IT Security or engineering function
• Experience in payment services, banking and/or financial services and associated regulatory compliance
• Experience in auditing security infrastructure technology and cloud native infrastructure services
• Technical auditing skills and knowledge of relevant professional and auditing standards
• Strong understanding of concepts related to information systems audit, information security, general IT controls, application controls and technology risks
• Familiarity with industry standards and regulations related to security, privacy, and compliance
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders
• Strong analytical and problem-solving skills, with the ability to think critically, challenge the norms and make data-driven decisions
• Experience operating autonomously and leading large-scale efforts across multiple teams and functions, with stakeholders in different disciplines across time zones
• Experienced in the use of auditing and assessment frameworks and the application of professional standards
• Attention to detail, including ability to issue-spot, identify patterns, flag incongruencies
• Ability to apply critical thinking and analysis, and exercise professional judgment
• Ability to discuss complex issues with any level of management and influence perspectives
• Exceptional written and verbal communication skills, including report positioning and clarity
• Knowledge of external leading risk and controls frameworks such as COBIT (Control Objectives for Information and related Technology), NIST Cybersecurity, ISO27000, ISO27001, ISO27002, and IT related internal controls
• Professional certification such as CISSP, CISA, or CIA, and
• A BS/BA degree, preferably in Information systems, computer science, engineering or other related IT field

Desirable

• We’re looking for an experienced technology audit leader with regulatory compliance audit experience to help us deliver and expand a global audit program, who will serve as a key member of the IA technology audit pillar reporting to the Head of Technology Audit Pillar, and drive demonstrable business impact
• As a Technology Lead within the IA Tech team, you will be an active contributor to the overall strategy of IT audit at stripe, shape technical design of audits, drive decision making, and ensure seamless execution through all the audit phases—from planning to delivery.
• The ideal candidate will deliver exceptional results through building and implementing audit programs that help protect our users and serve the business
• Develop a risk-based technology audit plan across product, infrastructure, business systems and corporate technology
• Plan and execute technical complex audits, consulting engagements, and other influencing activities of supporting operations, and processes
• Serve as IA’s SME on technology related considerations across IA audit projects and within the organization
• Manage co-sourced service providers while delivering our audit plan
• Support the development of the annual and longer-term strategy for a risk-based audit plan shaped for Stripe’s expanding global operations and regulatory requirements
• Collaborate with IA functional leads for analytics, technology and finance/operations to form integrated approaches
• Support the growth of a team of skilled and experienced auditors
• Seamlessly liaise with external auditors and regulators in connection with technology audit work
• Lead ad-hoc programs and initiatives to provide advisory insights
• Work seamlessly with key global partners within the second lines of defense to build efficiencies into the audit plan and avoid duplication of activities
• Present findings and recommendations to stakeholders and leadership teams
• Secure management action plans for remediation, and monitor remediation progress and timeliness
• Perform outreach and maintain collaborative working relationships with partners across product, engineering, security, corporate technology, finance systems and business systems.
• Invest in understanding the business to better identify areas of need and opportunities to advise
• Research and stay current on new technical literature applicable, emerging trends and best practices
• Act as the independent voice of the user as part of the audit process in security designs, gather direct feedback, identify security challenges and incorporate them into our planning
• Play a key part in shaping the technical design and operating effectiveness testing of audits by collaborating with engineers, and identifying control gaps and weaknesses
• Leverage data and insights to drive strategic decisions and prioritization at the leadership level when presenting the audit report(s)
• Help influence peers / stakeholders and build consensus while dealing with ambiguity
• Evaluate key cross-functional security initiatives and programs that require security domain, systems and engineering level knowledge