Director, Cybersecurity & IT Audit
About the department
The Internal Audit (IA) organization is responsible for delivering high quality objective and independent assurance over the Company’s key business risks to the Audit Committee and Management in a cost effective way and consistent with Professional Standards. Reflecting the Company’s core value of continuous improvement, the function is in the process of moving toward wider coverage of operational risks, exploring more efficient audit approaches and industry best practices where appropriate.
The Director of Cybersecurity & IT Audit will have specific responsibility for defining, assessing and executing the Cybersecurity plan within the IT function in accordance with professional best practices, and will assist the Vice President of IA and the leadership team in driving function-wide transformation programs and the strategic direction for the team. This person will stay closely aligned with IT Security management in order to understand and add value to our business.
What you'll do
Develop and execute Cybersecurity and IT audit strategy in alignment with business objectives, based on thorough understanding of our business and risk exposures
Perform effective Cyber risk assessments, define Cyber risk-based audit programs and manage/lead operational audits to evaluate controls and compliance
Deliver high quality, efficient and timely audit work in accordance with the Internal Audit charter, IIA standards and professional best practices
Build relationships with Cyber/IT leaders to help define scoping, planning and execution of work
Add value to the business through great communication and alignment with IT senior management
Drive creation of actions to remediate deficiencies and risk mitigation plan with stakeholders
Liaise and work closely with external auditors and the SOX Team to manage expectations with regard to reliant IT SOX testing activities
Budget, allocate resources, and manage the Cybersecurity IA team
Drive department transformation programs which may include implementing risk based auditing approaches, streamlining processes and documentation, implementing data analytics and continuous audit, improving indicators and performance metrics, audit training and team development, enhancing stakeholder and Audit Committee reporting and department budgeting processes.
Drive the professional development, including benchmarking, training, certification and engagement in Cyber and IT related forums. Stay current with industry trends, threats, and best practices.
Report to the Vice President of IA
Examples of desirable skills, knowledge and experience
Minimum 12 years of core IT Security Audit experience
Deep understanding of IT Security posturing, threat/impact analysis, IT General Controls, core IT processes, controls, platforms and systems
Excellent knowledge of Cyber audit best practices, tools/techniques and emerging trends
Advanced proficiency in security frameworks and standards (i.e., NIST, ISO 27001)
Experience in areas such as IP Protection, DLP, Encryption, Network, Firewall, SEIM, DMZ, Extranet, etc.
CISSP, CISA, CIA preferred
Exceptional leadership and management skills; experience in team development and fostering a culture of continuous improvement.
Effective communicator, relationship builder and a manager of expectations
Compensation may be adjusted depending on work location.
For Colorado-based hires: Estimated annual salary of $205,000 - $251,000.
For New York City, Washington, and California (excluding Bay Area) based hires: Estimated annual salary of $234,000 - $286,000.
For Bay Area-based hires: Estimated annual salary of $247,000 - $301,000
This role is eligible to participate in Cloudflare’s equity plan.
Cloudflare offers a complete package of benefits and programs to support you and your family. Our benefits programs can help you pay health care expenses, support caregiving, build capital for the future and make life a little easier and fun! The below is a description of our benefits for employees in the United States, and benefits may vary for employees based outside the U.S.
Health & Welfare Benefits
Flexible Spending Accounts
Commuter Spending Accounts
Fertility & Family Forming Benefits
On-demand mental health support and Employee Assistance Program
Global Travel Medical Insurance
Short and Long Term Disability Insurance
Life & Accident Insurance
401(k) Retirement Savings Plan
Employee Stock Participation Plan
Flexible paid time off covering vacation and sick leave
Leave programs, including parental, pregnancy health, medical, and bereavement leave