IT Audit Manager

Dropbox   •  

San Francisco, CA

Industry: Technology


8 - 10 years

Posted 30 days ago

Team Description

IT&S delivers technology strategy and solutions to our Dropbox business partners so they can work confidently, move fast, and scale effortlessly. We are the accelerator to the Dropbox business engine. We think of our team as a future-focused city planner for the Dropbox neighborhoods. We source, build and implement the right technology solution, and fit it into exactly the right place so that everything meets the high bar that Dropboxers expect.

Role Description

Protecting Dropbox and our ITS infrastructure/environment is critical to being worthy of trust. We’re looking for a Manager of IT Audit to join the IT Risk and Governance Team within ITS. In this role, you will work closely with: Internal Audit, Data Security, Product & Privacy Counsel, and Engineering teams to help us manage and maintain our compliance posture. You will lead the IT Audit Program, development and management of our internal controls within our ITS environment. Finally, you will be involved in multiple risk assessment initiatives to help demonstrate to our users how Dropbox is worthy of trust.


  • Co-lead the implementation of Sarbanes Oxley (SOX) IT compliance program for Dropbox
  • Document processes, perform test of controls, ensure documentation is up to-date for scoping, testing, and remediation
  • Identify control deficiencies and recommend improvements related to Dropbox’s key controls
  • Participating in other certification processes and internal-assessments, as needed (ex. Fedramp, GDPR, etc.)
  • Engaging with the relevant teams and stakeholders to understand our business processes
  • Defining the control objectives, control descriptions and monitoring compliance efforts
  • Managing contractors, auditors and responding to business requests
  • Collaborating with cross-functional teams to operate and validate controls, and remediate findings/gaps
  • Tracking internal controls and recommending best practices for customer, employee, partner, and vendors
  • Assisting in strategically improving the Compliance posture


  • 7+ years of overall experience in IT Audit and Compliance (SOC, GDPR, Security, etc.)
  • 2+ years of direct experience with managing IT Audits at scale at one of the ‘Big 4’ or in a Technology Company
  • Comprehensive working knowledge of Audit best practices and Compliance frameworks
  • Proven ability to interpret regulatory requirements into actionable internal controls
  • Possesses a high degree of comfort managing, interacting and consulting with both auditors and engineers
  • Understanding and willingness to learn about diverse business functions
  • Passion for technology and desire to tackle complex problems with creative solutions
  • Great interpersonal skills and ability to work well in fast-paced, team environment
  • CISA or other relevant professional certifications/associations, a plus