Internal Audit Risk and Control Advisor, IT San Francisco

Be a part of building the Finance team at Stripe!

Stripe is building a world class Audit Team. Our Audit Team is responsible for providing independent and objective assurance review on the design and operational effectiveness of Stripe’s framework of risk management, control and governance processes. We’re looking for an Internal Audit Risk and Control Advisor, IT, with extensive business process and controls experience who is excited to help build and maintain the IT audit program at Stripe. The ideal candidate will have a proven track record of working within a high-performing, fast-paced environment to build a growing function. This role is based in San Francisco. 

You will:

  • Assist with the development of a risk-based technology infrastructure, security, and general IT audit plan.
  • Perform audits, consulting engagements, and other influencing activities of infrastructure technologies, security, supporting operations, and processes.
  • Conduct reviews in highly technical areas of current/emerging technologies including Internet, Intranet, cloud, security, distributed computing, firewalls, and Servers.
  • Be recognized as a leader, management consultant and internal controls expert; develop and maintain collaborative working relationships with business management, learning and understanding the business to better provide value-added services and help management achieve objectives.
  • Plan and execute audits of processes in support of a healthy internal controls environment.
  • Ensure the audit team works seamlessly with the external auditors, compliance, and other second lines of defense to plan and execute information technology audit work, thus eliminating duplicate efforts and improve the efficiency and effectiveness of audit activities.
  • Present findings and recommendations to the executive team and actively monitor audit related remediation and management action plans.
  • Participate in corporate risk assessment activities and help execute the corporate enterprise risk management plan.
  • Research and stay current on new technical literature applicable to the internal control process (e.g., FFIEC, PCAOB guidance, SEC, ISACA, etc.), emerging trends and best practices. 

Our ideal candidate will have:

  • 7-10 years of experience in Information Technology, hardware or software product development, IT audit, IT Assurance or a closely related field, IT Security operations or IT security architecture.
  • Sound knowledge and experience in financial services and regulatory compliance.
  • Ability to act as an information technology, regulatory, and risk management consultant to management in any area of the financial services with minimal oversight; must have knowledge of regulatory compliance in addition to an expertise in information technology.
  • Possesses exceptional executive presence and the ability to discuss complex issues with any level of management.
  • Possesses high quality auditor and professional judgment.
  • Strong influencing abilities and techniques.
  • Must be collaborative, team oriented, and possess strong communication and interpersonal skills.
  • Excellent understanding of concepts related to information systems audit, information security, general IT controls, application controls and technology risks.
  • Knowledge of external leading risk and controls frameworks such as COBIT (Control Objectives for Information and related Technology), NIST Cybersecurity, ISO27000, ISO27001, ISO27002, and IT related internal controls.
  • Professional certification such as CISSP, GIAC, MCSE, CCNA, CISA, or CIA.
  • A BS/BA degree, preferably in finance, information systems, computer science, engineering or other related IT field. 

Nice to haves:

  • Public accounting and/or start-up experience.
  • Previous experience in a high volume transactional payment environment. 

To apply, please send us:

  • A resume and LinkedIn profile.

We look forward to hearing from you.

Apply now