Job Information
ManpowerGroup IT Controls Sr Manager (SOX) in Cambridge, Massachusetts
Role IT Controls Sr Manager (SOX)
Type Fulltime
Location Cambridge, MA (Hybrid – 2 days a week)
- EverQuote (Nasdaq: EVER) operates the largest online marketplace for insurance shopping in the United States. We make insurance shopping easy, efficient, and personal, saving consumers and providers time and money. Our goal is to reshape the way consumers shop and improve the way insurance providers attract and connect with customers as insurance shopping continues to shift online.
What you’ll do:
- The Senior Manager, IT Controls is a hybrid role based in Cambridge, MA that will report to the CIO and will operate and manage a Sarbanes-Oxley (SOX) IT Controls program where revenue transactions and key reporting come from custom developed systems deployed to Amazon Web Services using CI/CD. You’ll work with our security team to ensure our control owners have complete and accurate review populations and validate the propriety of control execution. You’ll direct our IT controls monitoring team and provide input on our internal control monitoring and execution tools. If our business or technologies change, you’ll work with our engineering, IT, finance, HR, and product teams on any necessary changes to our SOX IT Controls.
About you:
CPA (Certified Public Accountant) or CISA (Certified Information Systems Auditor) required; CISSP (Certified Information Systems Security Professional) and/or CISM (Certified Information Security Manager) preferred.
8+ years large public company internal and external auditing, with emphasis on IT auditing in large public companies with complex custom developed platforms in public cloud environments and/or large accounting firms with experience auditing a complex IT client base.
5+ years’ experience in a position of leadership to include team development and management.
Expert level IT audit program and practices experience. Big 4 IT Audit experience preferred.
Expert understanding of the general computer control areas and IT governance frameworks (e.g., Sarbanes-Oxley, COSO framework, COBIT, NIST CSF, ISO 27001).
Working understanding of US Generally Accepted Accounting Practices.
Direct experience designing and implementing a system of internal controls, including experience in a large-scale management-led SOX organization as well as supporting a company’s SOX program.
Proven experience with evaluating security and controls on various hosted and SaaS/cloud-based technologies.
Strong understanding of SDLC including agile and CI/CD processes.
Functional knowledge of Git-based source code flows including commits, pull requests, approvals, and merges.
Ability to negotiate, influence, and partner effectively with multi-functional and remote teams where resources may not be in direct control of this role.
Demonstrated ability to develop and execute a strategic people plan that ensures that the right people are in the right roles at the right time and that employees are highly engaged and satisfied.
Strong vendor management and partner relationship skills.
Excellent verbal and written communication skills, including the ability to explain technical concepts and technologies to business leaders, and business concepts to the security workforce.
Preferred Experience:
Functional understanding of AWS Well-Architected Framework components including IAM roles and trust principals, CloudTrail, CloudWatch, Elastic Kubernetes Service
Experience with Okta or other SaaS identity providers
Atlassian Jira
Working with an engineering organization using Scaled Agile Framework (SAFe) patterns
VLOOKUP and other functions in Google Sheets and Microsoft Excel
Experience building basic automation to perform simple API queries using Python
Basic SQL knowledge
ManpowerGroup is committed to providing equal employment opportunities in a professional, high quality work environment. It is the policy of ManpowerGroup and all of its subsidiaries to recruit, train, promote, transfer, pay and take all employment actions without regard to an employee's race, color, national origin, ancestry, sex, sexual orientation, gender identity, genetic information, religion, age, disability, protected veteran status, or any other basis protected by applicable law.