Associate Internal Audit

Okta is seeking an experienced, highly motivated and detail-oriented Associate Internal Audit to join our global Internal Audit team. This role will primarily focus on internal operational and technology audits, risk advisory projects, and SOX compliance, while supporting key risk management initiatives. The ideal candidate will work as part of a high-performance culture built around autonomy and responsibility.

As an Associate Internal Audit, you will work with a global and agile team in a fast paced, high technology environment on multiple audit engagements across the enterprise throughout the audit cycle.  You will participate in activities including identifying and assessing operational and IT risks, developing and executing audit programs, completion of high-quality workpapers, identifying issues and reporting the results to audit stakeholders and management.

This position will report to the Internal Audit Manager and will work closely with cross functional stakeholders. We’re looking for a strong individual with operational and technology experience and an understanding of technology and operational audit and risk, who is eager to join a small, growing team within a company continuing to experience rapid growth and expansion. 

Responsibilities:

• Evaluate the design and operational effectiveness of key operational, cybersecurity and related controls used at Okta
• Ensure adherence to SOX, COSO, NIST and other relevant frameworks
• Assess risks, design audit programs, execute fieldwork, complete walkthroughs, test controls and document workpapers (in a manner that aligns to our department methodology), and document findings with clear evidence to support audit conclusions
• Exercise judgment regarding planning, risk assessments,and completion of objectives on complex projects
• Utilize data analytics tools to assess the effectiveness of controls and identify areas for improvement
• Effectively partner with cross functional stakeholders to gain stakeholder agreement on root causes of issues and appropriate corrective actions and ensure completion of remediation activities agreed upon during audit projects, while maintaining positive client relationships
• Participate in providing risk-based consulting to assist management during the development of business process improvements or the implementation of new systems
• Assist in the planning, execution, and reporting of SOX 404 testing, including control walkthroughs, testing key controls, and evaluating deficiencies
• Work cross-functionally with process owners to assess control design, identify gaps, and recommend process improvements
• Create and maintain documentation over how key SOX reports are generated and validated
• Assist in SOC 1 and SOC 2 reviews, ensuring compliance with regulatory and industry standards
• Support audit readiness for external auditors, coordinating audit requests and documentation
• Develop and maintain strong relationships with key stakeholders across the organization to facilitate effective communication and collaboration
• Ad hoc projects and requests, as needed

Required Qualifications:

• Bachelor’s degree in business, accounting, computer science, information systems, “STEM” (Science, Technology, Engineering and Math) or related major
• Experience in internal audit with a focus on financial, operational, and technology risk  
• Strong understanding of SOX 404, COSO framework, US GAAP, and risk assessment methodologies
• Knowledge of IT systems including infrastructure, cybersecurity, and familiarity with IT governance frameworks and experience using industry standards/framework such as NIST CSF, COSO and COBIT
• Experience in completing control walkthroughs, testing, and evaluating key business and IT controls
• Understanding of IT general controls including cybersecurity, SDLC, access and change management, logging and monitoring, disaster recovery, and cloud computing
• Analytical and critical thinking proficiency in analyzing complex data and extracting meaningful insights 
• Ability to effectively discuss audit findings and develop impactful solutions with business partners, focusing on right-sized solutions given the size and complexity of the organization
• Ability to identify root causes of issues and recommend appropriate remediation and safeguards
• Excellent analytical, organizational, and written/verbal communication skills
• Strong English language proficiency (verbal and written)
• Position is eligible to be partially remote, so communication, collaboration, and organization are key to your success
• Solutions oriented, with a willingness to roll up your sleeves to “get it done”
• Ability and desire to work hands on in an evolving, fast-paced environment
• Be flexible with supporting PST time zones

Preferred Qualifications:

• Certifications such as CPA, CIA, or CISA, CISM, CISSP, CEH, Security + or CISA are highly desirable
• Experience with data analytics platforms and tools
• Auditboard experience is an added advantage
• Experience with cloud-based or software as a service (SaaS) companies is a plus
• Big 4 or similar auditing experience is desirable