Senior Manager, Technology Risk & Assurance
Williams-Sonoma, Inc. · San Francisco, CA · 2 days ago
Engineering$170k–$190k/yrFull-time
Responsibilities
- Lead Technology Risk & Assurance
- Lead the company's Technology Risk & Assurance program, including technology audits, technology risk assessments, and oversight of the global IT SOX program.
- Develop and execute a risk-based assurance plan focused on areas including cloud platforms (AWS, Azure, GCP), cybersecurity, DevSecOps, CI/CD, enterprise applications, AI governance, data privacy, and emerging technologies.
- Perform assessments executed in accordance with Internal Audit methodology and professional standards while delivering practical, risk-focused insights.
- Oversee the scoping, rationalization and execution of efforts over the SOX ITGCs and ITACs supporting SOX compliance.
- Evaluate technology processes, risks, and controls to identify opportunities to strengthen governance, improve operational effectiveness, and reduce risk.
- Provide independent, pragmatic recommendations that balance risk management with business objectives.
- Monitor emerging technology, cybersecurity, regulatory, and AI-related risks and incorporate them into assurance activities.
- Translate technical findings into clear business insights for executive leadership and the Audit Committee.
- Build Trusted Partnerships
- Develop strong relationships with leaders across Engineering, Information Security, Product, Enterprise Technology, Finance, and Compliance while maintaining Internal Audit's independence.
- Serve as a trusted advisor by providing independent perspectives on technology initiatives, system implementations, cloud migrations, and process changes.
- Coordinate effectively with external auditors and other assurance providers to optimize assurance coverage and reduce duplication of effort.
- Drive Innovation
- Advance the Technology Risk & Assurance function through automation, continuous monitoring, AI-enabled audit techniques, and data analytics.
- Identify opportunities to improve audit quality, increase efficiency, and enhance risk coverage through innovative approaches and technology.
- Champion continuous improvement initiatives that modernize Internal Audit's capabilities and ways of working.
Qualifications
- 9+ years of progressive experience in Technology Risk, Technology Assurance, IT Audit, Cyber Risk, or IT SOX, including experience leading complex technology assurance engagements.
- A combination of public accounting and industry experience is preferred.
- Bachelor's degree in Computer Science, Information Systems, Engineering, or a related technical discipline; CISA, CISSP, CISM, CPA, or other relevant certifications are preferred.
- Strong knowledge of SOX compliance, IT General Controls (ITGCs), IT Application Controls (ITACs), technology risk management, and industry frameworks including COBIT, NIST, and ISO 27001.
- Experience assessing modern technology environments, including cloud platforms, cybersecurity, identity and access management.
- Familiarity with AI governance, AI risk, and assurance considerations related to emerging technologies is highly desirable.
- Excellent project management, organizational, and stakeholder management skills with the ability to prioritize multiple initiatives.
- Exceptional communication and executive presentation skills, including experience presenting technology risk and assurance topics to senior leadership.
- Demonstrated ability to think strategically while remaining hands-on in executing complex assurance engagements.
- A collaborative leadership style, intellectual curiosity, sound judgment, and a passion for mentoring and developing others.