Internal Audit (IA) is an independent and objective function that assists Salesforce meet its objectives through independent reviews and assessments. Specifically, IA evaluates and provides recommendations to enhance the effectiveness, efficiency and scalability of the company's processes, information systems, and underlying internal control environment. IA also evaluates and assists in improving the effectiveness of the Company's risk management and governance processes.
The Internal Audit team is looking for an experienced Senior Technology Auditor to join the audit team in San Francisco or Dallas covering all of Salesforce's technology and cybersecurity operations across the entire enterprise. This includes corporate back-office and customer-facing functions throughout all regions in which the Company operates.
Successful candidates for the Senior Technology Auditor position will:
- Support and conduct audits over technology processes, operations, and systems throughout the Company.
- Be fluent in project management best practices including project plans, charters, and task management.
- Be intellectually curious and passionate about internal audit, learning about new processes, systems and technologies and how to make them better, driven by "doing the right thing"
- Be firm and communicate process recommendations and findings in a poised, diplomatic and effective manner
- Effectively maneuver through the organization, influence others, and keep up with the ever-changing and growing landscape that is Salesforce
- Be vigilant about our "stay in control" focus coupled with a strong demand for process/internal systems enhancements required to scale the Company's operations
- Be a team oriented individual who can effectively work at all levels within the organization, both within Internal Audit and other functions
- Be practical in your assessment and recommendations to help the company achieve real risk reduction and mitigation, while maintaining velocity and scale for the business.
The Internal Audit function reports administratively to the Chief Risk and Assurance Office and directly to the Audit and Finance Committee of the Company's Board of Directors.
- Assist Managers / Senior Managers with planning the audits by researching various technologies, meeting with the business to understand their processes and environments, and developing an audit timeline.
- Document our understanding of the technology landscape and prepare "what could go wrong" risk scenarios and potential controls.
- Assist in drafting the audit work program for each specific audit.
- Conduct walk-throughs and review architectural design and system configuration to perform test of design procedures.
- Develop a testing sample population for detailed test of effectiveness.
- Perform detailed testing and look for opportunities to and make suggestions for improving the testing efficiencies through data analytics, automations, or other methods.
- Document findings and observations and refine after review input.
- Support the Manager / Senior Manager in drafting audit reports.
- Actively participate in decision making throughout the audit and seek to understand the broader impact of current decisions.
- Assist Managers / Senior Managers in socializing and gathering input / feedback on the audit findings and management action plans (MAPs).
- Manage findings and MAPs in our GRC tool.
- Follow-up on open MAPs and re-test controls to close out MAPs.
- Provide sound advice derived from you strong understanding of Salesforce's business model, processes, systems, underlying controls to various internal business teams.
- Help influence for positive changes in these areas.
- Identify and evaluate complex business and technology risks
- Demonstrate problem solving, critical thinking and logical structuring skills
- Stay abreast of best practices, both internally and externally, and provide a conduit for introducing those practices to the Company.
- Be a role model for the Company's values and demonstrate the highest ethical standards.
- Bachelor's degree, or equivalent
- A minimum of 2-4+ years work experience in internal Audit or Technical IT/Security Operational role and ability to demonstrate:
- Understanding and experience with the audit life cycle
- Understanding of audit best practices in the form of planning, field work, and reporting
- Experience working with business owners and teams in an audit capacity
- Understanding of business processes related to technology companies.
- Highest level of ethics, independence, and professionalism.
- Excellent English language skills
- Strong analytical and data analysis skills
- Ability to work in a fast-paced environment, often on multiple projects simultaneously
- Ability to work with minimal day-to-day supervision
- Excellent communication and interpersonal skills
- Strong problem solving capabilities
- Intellectual curiosity and tinker mentality
- Ability to travel up to 25%
Additional Skills/Experience Preferred:
- Knowledge about cloud computing businesses and processes
- Hands-on operational role or self-taught technical skills