Sr. Manager, IT Internal Audit
Restaurant Brands International · Miami, FL · 2 wk ago
Information TechnologyFull-time
Key Responsibilities
- Apply IT audit subject matter expertise across engagements; serve as a technical resource to Internal Audit team members and co-source partners
- Support the SOX ITGC program by coordinating with co-source partners on scoping, reviewing testing workpapers, and tracking deficiencies through remediation
- Execute audits of change management, access management, SDLC, computer operations, and IT regulatory compliance across corporate and brand domains
- Build and maintain audit data pipelines, analytical models, and testing procedures (Python, SQL, Power BI) in support of the Director’s continuous monitoring programs
- Advisor for cybersecurity, data governance, and privacy control assessments (NIST, PCI, CCPA)
- Support Optro GRC IT integration maintenance and data feed governance under the direction of the VP
- Contribute to analytics adoption across the Internal Audit function; develop reusable testing tools and support data infrastructure decisions in coordination with the VP
- Assist with IT risk assessments across brands and corporate in support of audit plan prioritization
- Support Internal Audit representation in cross-functional technology governance forums as directed
- Issue remediation tracking and closure; support special projects and VP advisory requests on technology risk matters
Competencies
- IT Audit Leadership: Demonstrated ability to execute IT audit engagements end-to-end across complex technology environments; translates audit objectives into well-documented, risk-rated findings
- SOX / ITGC Expertise: Deep, hands-on knowledge of IT general controls, SOX 404/302 IT support, and external auditor reliance strategies; experienced in deficiency assessment and Item 308(c) evaluation
- Cybersecurity & Data Risk: Fluent in information security audit, IAM, cloud security, and data governance risk; able to assess control design and maturity across diverse technology stacks
- Analytics & Automation: Skilled in designing and building data-driven audit programs using Python, SQL, and BI tools; able to automate testing and scale continuous monitoring coverage
- Stakeholder Influence: Adept at building trusted relationships with CIO, CISO, Legal, and Data Governance without direct authority; able to communicate technical risk to non-technical audiences
- Communication & Reporting: Skilled in producing polished, executive-ready audit reports and Audit Committee materials; able to translate technical findings into business-impact language and actionable recommendations
- Team & Co-source Management: Experienced in directing co-source partners and guiding junior audit staff with clarity and accountability; able to coordinate multi-party engagements across specialist and internal resources
- Intellectual Curiosity: Naturally drawn to emerging technology risks (AI/ML, cloud connectors, digital franchise platforms); able to translate evolving trends into timely adjustments to the audit program
Education & Certifications
- Bachelor’s degree in Information Systems, Computer Science, Accounting, or related field
- CISA required; NIST CSF and PCI-DSS audit framework familiarity expected
- CIA, CPA, CRISC, or CISM a plus
Experience
- 7+ years in IT audit, information security audit, or IT risk/compliance
- Meaningful IT SOX/ICFR experience at a public company, including ITGC coordination with co-source partners and Big 4 external auditors
- Experience contributing to an IT audit program in a co-source or influence model; able to work effectively alongside specialist and internal resources
- Hands-on experience with SAP environments and cloud data platforms (Snowflake, Azure, or AWS)
Technical Skills
- Python and/or SQL for audit analytics and automation
- Optro GRC (AuditBoard) – IT integration configuration and workflow design
- SAP security and authorization concepts; Snowflake governance architecture
- Power BI or equivalent data visualization; Microsoft Office suite
Benefits
Benefits at all of our global offices are focused on physical, mental and financial wellness. We offer unique and progressive benefits, including a comprehensive global paid parental leave program that supports employees as they expand their families, free telemedicine and mental wellness support.