The Customer Audit Manager OpportunityDemonstrating Okta's security program to customers and prospects is a core responsibility of the Customer Trust team, and to meet rapidly growing demand, we are seeking a Manager of Customer Audit to lead this capability of our team. This role will be responsible for creating a customer & prospect audit program, maintaining an evidence collection for presentation, coordinating and hosting security audits both virtually and on-site in our San Francisco Executive Briefing Center, and other locations in North America and globally as required.
Okta's Customer Trust team is a highly technical group, and the ideal candidate will have hands-on experience with the technical implementation of SOC2 and ISO controls in a cloud-based environment, while maintaining the ability to describe the effectiveness and risk mitigation of these controls to an auditor. The candidate will also have the ability to train and manage employees globally to support Okta's international growth. This unique position has the opportunity to not only interact with the security teams of Fortune 500 companies, but also create a highly visible example for exceptional third-party risk assessments.
What you'll be doing - Create and communicate a strategy to deliver Okta Security's audit program, maintaining a stakeholder group across the business and security team
- Cooperate with the Security Compliance team to create and maintain an evidence repository for use in third-party risk audits
- Coordinate and schedule customer or prospect onsite and virtual audits
- Understand customer or prospect risk concerns and lead the presentation of evidence material to resolve these concerns
- Interact with the Customer Trust team to develop and publish content regarding Okta's security controls
- Coordinate between Customer Trust, the GRC team and other Okta stakeholders to document, manage, track, and proactively communicate ownership and status updates regarding audit observations accepted by Okta, between those groups and also back to the customer or prospect
- Collaborate with Okta Security on other projects, as applicable
What you'll bring to the role- Bachelor's degree in Computer Science or Management Information Systems, or equivalent work experience
- In-depth knowledge of IT security frameworks and best practices, such as NIST SP800 publications, CoBIT, CCM, and Trust Principles and Criteria
- Experience in IT regulation and compliance standards such as SOC 1 and 2, ISO27001, and ISO42001
- Working knowledge of terms and concepts used in information security, privacy, risk assessments, and contingency planning
- Understanding of IT and cloud methodologies, such as software development lifecycle and operations
- Excellent oral, written, and presentation skill
Helpful Certifications / Skills:- Certified Information Security Auditor (CISA)
- GIAC Security Essentials (GSEC)
- Certified Information Systems Security Professional (CISSP)
- Certificate of Cloud Security Knowledge (CCSK)
- Certificate of Cloud Auditing Knowledge (CCAK)
#LI-Hybrid
#BB-1
