Director, Internal Audit
Fervo Energy · Houston, TX · 1 wk ago
HybridAccountingFull-time
Responsibilities
- Internal Audit Strategy & Governance
- Build Fervo's internal audit function from the ground up, including charter, methodology, risk-based annual audit plan, and quality assurance and improvement program aligned with IIA standards
- Serve as the primary point of contact for the Audit Committee—preparing materials, delivering updates on key risks and control issues, and ensuring concerns are surfaced early and resolved decisively
- Define the enterprise risk universe in partnership with Finance, Legal, Compliance, IT, and Operations, and translate it into a multi-year audit roadmap that scales with the business
- Establish audit standards, documentation norms, and workpaper discipline sufficient to withstand external auditor and regulator scrutiny
- SOX Program Design & Execution
- Partner with Finance and Accounting to support the design and build-out of Fervo's SOX program, including scoping, risk assessment, control design evaluation, and deficiency remediation tracking, ensuring controls are designed into processes rather than layered on after the fact
- Own the independent testing layer of Fervo's SOX program, executing control testing, evaluating deficiency severity, and reporting results to the Audit Committee independently of management's conclusions
- Cook directly with external auditors on SOX scoping, walkthroughs, testing reliance, and deficiency evaluation—driving one version of the truth and minimizing duplication
- Provide control guidance on new system implementations, M&A activity, and strategic initiatives to ensure SOX and broader control considerations are addressed up front
- IT & Cybersecurity Audits
- Design and execute IT general controls (ITGC), application controls, and cybersecurity audits across financially significant systems, OT environments, and field-data infrastructure
- Assess cyber risk posture in coordination with IT and Security leadership, including reviews of access management, change management, incident response, and third-party/cloud risk
- Build data analytics, continuous monitoring, and fraud detection capabilities into the audit toolkit to surface trends, anomalies, and emerging risks
- Regulatory & Compliance Audits
- Deliver independent audits of Fervo's regulatory compliance programs—including FERC, NERC, energy market participation, domestic content and prevailing wage, trade and sanctions, ethics and anti-corruption, supply chain compliance with company procurement policies and leading practices, and third-party/vendor compliance across the supply chain—in coordination with the Director, Compliance & Regulatory Programs
- Evaluate the design and operating effectiveness of controls embedded in engineering, operations, and commercial workflows to confirm that compliance happens in the field, not just on paper
- Support investigations and special projects as requested by the Audit Committee, General Counsel, or executive leadership, with defensible methodology and independent reporting
- Team & Stakeholder Leadership
- Build and lead a small, high-caliber internal audit team over time—balancing in-house talent with co-source relationships to match capability to the risk profile
- Develop strong working relationships with business leaders by communicating best practices and delivering internal control awareness and training across the organization
- Communicate effectively with C-suite and Board-level stakeholders, presenting findings and recommendations with clarity, judgment, and appropriate candor
- Bachelor's degree in accounting, finance, or a related field; CPA, CIA, or CISA strongly preferred (MBA a plus)
- 10+ years of progressive internal audit, external audit, or ICFR experience, including meaningful time at a Big Four or top-tier professional services firm and at a public or near-IPO company
- Demonstrated experience standing up or materially rebuilding a SOX program—scoping, control design, testing, and remediation—not just executing within an established one
- Deep fluency with COSO 2013, PCAOB AS 2201, and SEC rules governing ICFR, disclosure controls, and audit committee reporting
- Working knowledge of IT general controls, cybersecurity frameworks (e.g., NIST CSF, ISO 27001), and audits of complex ERP and operational technology environments
- Proven ability to coordinate effectively with external auditors and to present to audit committees and senior executives
- Track record of operating independently, exercising sound judgment under ambiguity, and delivering results in fast-moving, resource-constrained environments
- Ability to travel to Fervo offices and project sites as needed