Lead IT Auditor

Overview

The Internal Audit team at HubSpot is a function that is committed to maximizing trust through the objective assessments and evaluation of compliance, risk management and governance activities. The function reports to the Audit Committee and administratively to the SVP of Finance. We are looking for a seasoned professional that is driven with a passion for IT risk, internal controls and risk management.

The Lead IT Auditor will drive the execution of the internal audit plan with a focus on IT SOX controls and IT SOX risk advisory projects. The ideal candidate will collaborate with cross-functional teams to evaluate the design and operating effectiveness of IT controls. This role will also partner with the business process team on integrated projects and other team initiatives as needed.

In This Role, You’ll Get To

• Lead IT SOX program from scoping through reporting, serving as the primary contact for testing execution, timeline, and external auditor coordination.
• Perform automated and IT general controls testing in support of the SOX compliance program
• Collaborate with functional teams to evaluate current and new processes, advise management on control design, and identify risks and improvement areas
• Partner with Compliance to ensure IT SOX documentation, including flowcharts, narratives, and controls are up to date, accurate and properly handled as part of process redesigns and system implementation efforts
• Develop and maintain audit workpapers and documentation, including audit plans, testing procedures, and results
• Conduct interviews and walkthrough meetings of internal stakeholders
• Prepare internal audit reports and communicate results and recommendations to internal stakeholders
• Monitor the remediation of identified control deficiencies and track progress towards remediation objectives
• Provide clear and concise updates to your lead on the status of assignments

We’re Looking For People Who Have

• Bachelor’s degree in Information Systems, Accounting Information Systems, Management Information Systems, Computer Science or related subject
• Professional certification such as Certified Internal Systems Auditor (CISA) and/or Certified Internal Auditor (CIA) preferred
• Actively pursuing a CISM, CISSP license or IT audit certification a plus
• 8+ years of IT audit experience in public accounting and/or internal audit, with demonstrated ownership of complex IT SOX engagements at a public company
• Deep expertise in IT General Controls (access management, change management, SDLC, data processing) and IT Application Controls
• Strong working knowledge of COSO, COBIT, and SOX Section 404 requirements
• Experience evaluating controls across cloud-native, SaaS, and virtualized environments
• Ability to build collaborative working relationships with internal stakeholders
• Ability to work independently, is a self-starter and move projects forward by meeting project deadlines, manages multiple projects and assignments
• Ability to independently assess control design, identify deficiencies, and frame classification decisions (e.g., control deficiency vs. significant deficiency) with supporting rationale
• Can effectively manage high volume of projects and tasks in a challenging and fast-paced environment
• Ability to generate clear, concise depictions of process, controls, and data flows
• Strong communication skills, verbal and written